Why deben has no internet permission
By Tarek Raafat ·
Privacy policies are promises. Code is proof. deben's strongest privacy feature is not a setting you toggle or a paragraph in a policy; it is the absence of a permission. deben ships with no internet access at all, and that single fact does more for your privacy than any promise could.
A promise you can verify
On Android, an app cannot make a network connection unless it declares the internet permission in its manifest. deben declares none. You do not have to take that on faith: an app's permissions are visible, and "no internet" is the kind of claim you can check rather than believe. A promise you can verify is worth more than one you cannot.
What "no internet" rules out
When an app cannot reach the network, a whole category of risks simply disappears. There is no server holding your data to be breached. There is nothing travelling across the network to be intercepted. There are no analytics quietly logging what you do, no ads calling home, no background sync you did not ask for. Your transactions and messages cannot leak, because there is no door for them to leave through.
The trade-offs we accept
This choice costs something, and we make it on purpose. There is no cloud sync and, for now, no automatic sharing between devices. Instead, backups are made on the device and encrypted with a password only you hold, so you stay in control of your own copy. For money data, we think being unreachable is the right trade.
Why we built it this way
Most apps ask you to trust that they will handle your data well. deben is built so that trust is not required: it cannot mishandle what it can never send. That is the whole idea behind the app, and this is the clearest place it shows. You can read more on Security and in the Privacy Policy.