How it's built.
Claims are easy. This is the architecture underneath them — how Verdant software is built so your data stays yours, and how you can tell.
Encrypted before it leaves your hands.
Your numbers are encrypted on your device before they ever sync. The server holds ciphertext and nothing else — there is nothing on it for anyone to read, including us.
Local-first, not cloud-first.
Your data lives on your device and works offline. The network is a convenience for syncing, never a requirement for using what's yours.
Nothing watching the ledger.
No ads, no analytics SDKs, no third parties in the data path. The business model is the old one: you pay for the software. That's the whole arrangement.
If it can be read here, that's a bug.
Privacy isn't a setting to switch on — it's the default the software is built around. Anything that exposes your data counts as a defect, not a feature.
Checkable, right now
What this very page sends back.
Open your browser's network inspector on this page. These are the security headers every response carries — not a promise, a fact you can read off the wire.
-
X-Frame-OptionsSAMEORIGINCan't be silently embedded in another site. -
X-Content-Type-OptionsnosniffBrowsers honour declared types — no guessing. -
Referrer-Policystrict-origin-when-cross-originLeaks no path data to other origins. -
Permissions-Policycamera=(), microphone=(), geolocation=()The site asks for none of these. Denied outright.
This is a static site — no server-side database, no account, no tracker to opt out of. The only way to reach the studio is an email you choose to send.