Don't trust us. Verify.

Privli's promise is simple: your data never leaves your devices and your local network, and nothing about you is collected. A claim like that shouldn't rest on faith — this page shows how to check it on your own hardware.

What Privli never does

Collect analytics or telemetry — including "anonymous" statistics
Store anything in the cloud
Require an account or login
Contact any server
Track you or send device identifiers anywhere
Embed advertising or tracking SDKs
Sell or share your data — there is nothing to sell

Where your data goes

Your device A

Bluetooth / Wi-Fi · encrypted · local network only

Your device B

No cloud. No relay server. No analytics endpoint.

Test 1 — the airplane-mode test (two minutes, no tools)

An app that depends on the internet stops working without it. Privli never needed it:

1Put both devices in airplane mode, then re-enable only Wi-Fi and/or Bluetooth (no mobile data — or simply unplug your router's uplink).
2Open Privli on both devices.
3Send a file or your clipboard from one to the other.
4Everything works — because it never depended on the internet in the first place.

Test 2 — watch the traffic yourself

For stronger evidence, record the app's network traffic during a full session — discovery, pairing, transfer — and look for any connection that isn't your local-network peer. Expected result: zero external DNS lookups, zero connections to public IPs.

Android

PCAPdroid ↗

PCAPdroid (no root needed): select Privli, capture while you discover and transfer, then inspect the connection list.

macOS

Little Snitch ↗

Little Snitch (or run lsof -i in Terminal): watch Privli's connections during a transfer — you will only see local-network addresses.

Windows / Linux

Wireshark ↗

Wireshark: filter your machine's traffic during a session and check that every destination address is on your own subnet.

“But the Android app asks for the INTERNET permission”

Correct — and it is the strongest-looking objection, so it deserves a precise answer. Android requires the INTERNET permission for any network socket, including the purely local-network sockets (Wi-Fi LAN, Wi-Fi Direct, mDNS) that nearby transfer is built on. Without it, opening any socket throws an exception. A LAN-only app must declare it — that is a platform rule, not a backdoor.

Whether an app actually talks to the outside world is exactly what the traffic test above reveals — which is why we point you at packet captures, not permission lists.

The supply chain

Hidden telemetry usually arrives through third-party SDKs. Privli's dependency list contains no analytics, crash-reporting or advertising SDKs — no Firebase, no Supabase, no Sentry, no PostHog, no Crashlytics. There is no HTTP client wired to any backend, because there is no backend.

What we can and cannot promise

A promise is only meaningful with honest boundaries: we assume your operating system and your network are yours and trustworthy. Privli encrypts transfers between devices and never sends anything beyond your local network — but it cannot protect a device that is already compromised, and how files rest on disk is governed by your OS. What we guarantee is the app itself: it phones no one.

More evidence as we publish it

This page will link each new artifact as it lands: our recorded airplane-mode demo, reproducible packet captures, third-party binary scans, and store privacy labels. If you verify something yourself and find anything that contradicts this page, please email us — your report outranks everything written here. [email protected]

Now try it on your own devices

Download Privli

Why we are building this: Read our vision

← Back to Home