Verified Claims

Updated 2026-05-19

Every marketing claim Penno makes on its landing page and in the App Store description is listed here with the method you (or anyone) can use to verify it. Privacy claims that can't be verified aren't real privacy claims.

Verified

Penno makes zero network calls about user finances.

No transaction data, budget data, debt data, or category data is sent anywhere by Penno.

How to verify: Apple's iOS privacy report (Settings → Privacy & Security → App Privacy Report) tracks every outbound network request from every app on your device. Enable it, use Penno for a week, then review. You'll see Penno makes no outbound requests beyond standard App Store telemetry (which is at the OS level, not Penno's).

Verified

No personal identifiers are collected.

Penno does not collect your name, email, phone number, device identifier, or any other piece of data that could be used to identify you as an individual. The app contains no signup, no login, no account, and no user-ID generation.

How to verify: Apple App Store listings include a "Privacy" section showing what each app collects. Penno's listing shows no personally identifying data is linked to the user. Apple audits the binary to verify these declarations match what the code does.

Verified

No advertising SDK is included in the app binary.

No AdMob, no Meta Audience Network, no IDFA-based ad tracking.

How to verify: The App Store privacy listing rules out advertising-purpose data collection. The app contains no ad-display surface anywhere in the UI, which would be impossible if an ad SDK were present.

Verified

No bank-aggregation SDK is included in the app binary.

No Plaid, no MX, no Yodlee, no Finicity. The app has no UI for entering bank credentials because the code to handle them doesn't exist.

How to verify: Search the App Store listing for "bank" — Penno doesn't appear in queries that filter for bank-linking apps because Apple's category metadata reflects what's actually in the binary. Independent verifiers can also inspect the IPA on a jailbroken device to enumerate linked SDKs.

Verified

No account is required.

The first time the app is opened, the user goes directly to the budget UI. No signup screen, no email collection, no password setup, no Sign in with Apple, no anonymous user ID.

How to verify: Install the app and open it. The absence of a signup screen is the proof — there is no possible way to enter an account that the app doesn't request.

Verified

No subscription, no in-app purchases.

One-time App Store purchase. No monthly fee, no annual renewal, no Pro tier, no IAP of any kind.

How to verify: Apple App Store listings show "In-App Purchases: No" when an app has no IAP. Penno's listing confirms this. After purchase, no recurring charges appear in the user's App Store subscription list.

Verified

Data is stored only in a SQLite file on the user's device.

The file is named budget-planner.db and lives in the Penno app container on the device.

How to verify: Files app → Browse → [iCloud Drive (if app data sharing on)] or via Mac Finder → device sync → app data. The file is readable with any SQLite browser. Anyone can inspect it themselves — and confirm there is no remote endpoint copy.

Verified

Deleting the app deletes the data.

No server-side copy exists, so deletion is final.

How to verify: Delete and reinstall. The app opens fresh with no prior data, no "restore from cloud" prompt — because there is no cloud to restore from.

Verified

10 languages supported in-app.

English, Turkish, German, French, Spanish, Italian, Brazilian Portuguese, Japanese, Korean, Arabic. Arabic with full RTL UI.

How to verify: Settings → Language. Switch to any of the 10 — every screen updates. For Arabic, the entire layout flips right-to-left.

If you spot a claim on this site or in the App Store that isn't documented here, please flag it to [email protected]. The standard for what we say in marketing is the same as the standard on this page.