Security: Appriyo/amar-batch-showcase

Security Policy

Reporting a Vulnerability

We take security seriously. If you discover a security vulnerability in Amar Batch, please report it responsibly.

DO NOT create a public GitHub issue. Instead, report via:

Please include:

  • Description of the vulnerability
  • Steps to reproduce
  • Potential impact

Response Timeline:

  • Acknowledgment: Within 48 hours
  • Initial assessment: Within 5 business days
  • Status updates: Every 7 days until resolved

Supported Versions

| Version | Supported |
| --- | --- |
| 1.x.x (Latest) | ✅ Yes |
| Beta versions | ⚠️ Limited support |

Only the latest version receives security updates. Users should always update to the newest version.


Security Best Practices

For Users

  • ✅ Download only from trusted sources (Google Play Store)
  • ✅ Keep your device's Android OS updated
  • ✅ Use device lock screen (PIN/pattern/fingerprint)
  • ✅ Enable Google Play Protect
  • ✅ Backup regularly to Google Drive
  • ❌ Never install modified/cracked versions
  • ❌ Don't root your device unnecessarily

For Developers (Contributing)

This repository contains documentation only. The actual app source code is private.

If you are a developer reviewing this showcase:

  • Never hardcode secrets or API keys
  • Always validate user input
  • Use parameterized database queries
  • Enable ProGuard for release builds

Data Privacy

What Data is Stored

On the device (local only):

  • Student names and phone numbers
  • Attendance records
  • Fee transactions
  • Exam marks
  • SMS history

Not Collected:

  • No data is collected on external servers
  • No user tracking or analytics
  • No third-party data sharing
  • No telemetry

Data Storage

  • Location: Device only (SQLite database)
  • Backup: Optional Google Drive (user's own account)
  • Transmission: No network transmission except optional backup

User Rights

Users have full control:

  • View: All data visible in the app
  • Export: Backup to Google Drive or file
  • Modify: Edit any information
  • Delete: Uninstalling removes all data

Known Security Considerations

| Risk | Mitigation |
| --- | --- |
| Device theft/loss | Relies on Android's Full Disk Encryption; device lock screen recommended |
| Rooted devices | Standard Android security applies; sensitive data not collected |
| SMS content | Teacher controls all messages; no sensitive information auto-sent; SMS can be disabled |
| Google Drive backup | User's personal Google account; standard Google security applies |

Security Contact

Email: mahmud.nubtk@gmail.com

Response Time: Within 48 hours


Policy Updates

This security policy is reviewed quarterly.

Last Updated: May 2026

Version: 1.0


Questions about security? Contact the developer directly.

There aren't any published security advisories