UTAK Lead Center Privacy Policy Effective date: 2026-06-29 UTAK Lead Center is used by UTAK to receive, organize, qualify, and respond to business leads and customer conversations from authorized platform accounts. This public host is only the callback, domain-verification, and reviewer information surface. The operational dashboard remains private and is not exposed here. Data we may process - Platform account, page, advertiser, campaign, lead form, message, comment, conversation, and event identifiers. - Lead and conversation content provided through platform callbacks, such as names, contact details, form answers, messages, comments, timestamps, and related metadata. - Authorization and app-review metadata needed to connect authorized business accounts, when an approved OAuth/token flow is deployed. - Operational logs needed for security, debugging, webhook verification, delivery auditing, deduplication, and incident response. How we use data - To ingest and route leads and customer conversations into UTAK Lead Center. - To qualify leads, prepare follow-up, support demo booking workflows, and maintain a single operational record for authorized UTAK users. - To verify callbacks, prevent replay or unauthorized access, debug delivery issues, and maintain audit trails. - To satisfy platform requirements such as webhook verification, data deletion callbacks, and app review. AI and service providers UTAK Lead Center may use infrastructure, database, security, observability, and AI/model service providers to operate the product, classify and summarize leads, draft responses, and support booking workflows. Providers are used only as needed to operate the service and are not a public disclosure of the private dashboard. Final subprocessor wording and any provider-specific commitments must be approved before platform submission. Sharing and sale UTAK does not sell lead or conversation data through this gateway. Data is used for UTAK's own lead-center operations and may be shared only with service providers, platform providers, authorized UTAK operators, or others when required for security, legal, or platform compliance. Retention Lead, conversation, authorization, and audit data is retained only as long as needed for UTAK operations, security, platform compliance, legal obligations, and troubleshooting. Callback logs are minimized and configured to avoid logging OAuth codes, access tokens, verify tokens, authorization headers, and cookies. Deletion and access requests Users may request deletion through the platform-provided deletion or authorization-removal workflow where available. Meta data deletion requests are handled through the UTAK Meta data deletion callback/status flow. Requests can also be made through the UTAK business channel where consent or the original lead interaction was provided. UTAK will verify the request scope and remove or anonymize matching data when required, unless retention is needed for security, legal, or compliance reasons. Security The callback gateway uses exact path allowlisting, public-port firewall restrictions, signed callback verification where implemented, request-size limits, and redacted access logging. The private dashboard and internal APIs remain behind private access controls and are not exposed by this public host. Contact For privacy, access, or deletion questions, contact UTAK through the business channel where the lead interaction or consent was provided, or through the platform deletion workflow when available.