Trust & security
You hold the keys. We hold the security.
Batcho runs on the same infrastructure Fortune 500 companies trust. Parents and students hand you their money and their children's data. We make sure that trust is well placed.
Tenant isolation by design
Every read and write is scoped to your academy's tenant ID through Firestore Security Rules. No cross-tenant leakage is technically possible.
Bank-grade payment security
Razorpay and Stripe handle every card and UPI transaction. We never touch card data. Webhooks are HMAC-SHA256 verified.
Role-based access control
Owner, admin, co-trainer, student and parent — five distinct roles enforced through Firebase custom claims. Co-trainers only see batches assigned to them.
Firebase App Check
Every callable Cloud Function is gated by App Check (Play Integrity, App Attest, reCAPTCHA v3). Stops bots and replay attacks at the door.
DPDP Act 2023 ready
Indian data stays in asia-south1 (Mumbai). Consent collected at signup. Purpose limitation enforced. Right-to-erasure workflows in place.
Audit trail on every message
Every WhatsApp and push notification is logged with timestamp, recipient and delivery status. Settle disputes with evidence — not opinion.
Infrastructure
Batcho runs entirely on Google Cloud Platform via Firebase. The database (Firestore), authentication, file storage, serverless functions, hosting and push notifications are all managed services backed by Google's security and uptime guarantees. Indian customers' data lives in the asia-south1 (Mumbai) region.
Encryption
All data is encrypted at rest with AES-256 and in transit with TLS 1.3. Customer-specific encryption keys are managed by Google Cloud KMS. We never store or have access to raw payment credentials — those are handled exclusively by Razorpay or Stripe under PCI-DSS Level 1 certification.
Access control
Five distinct roles — super-admin, owner, admin co-trainer, co-trainer, student/parent — are enforced through Firebase custom claims. Co-trainers can only mark attendance for batches explicitly assigned to them. Cross-tenant access is technically impossible because every Firestore rule scopes reads and writes to the authenticated user's tenant ID.
Compliance
Batcho is designed to comply with India's Digital Personal Data Protection Act 2023, Singapore's PDPA, and the United Kingdom's UK GDPR. Subject access requests, deletion requests and portability requests are honoured within 30 days. Reach compliance@batcho.co for a detailed Data Processing Agreement.
Incident response
We monitor Firestore rule denials, App Check failures, and webhook signature mismatches in real-time. Any suspected breach triggers an internal incident response within one hour and is communicated to affected customers within 72 hours, as required by the DPDP Act.
Report a vulnerability
Found a security issue? Please email security@batcho.co with the details. We acknowledge within 24 hours and reward responsible disclosure.