I want to tell you something about the permission Permly asks for.
To block notifications, the app needs BIND_NOTIFICATION_LISTENER_SERVICE. That permission, on paper, allows reading notification content. Messages. Subject lines. The kind of information that, in the wrong hands, could tell you a lot about a person — their habits, their relationships, what apps they use and when.
I don’t use it for that. I never touch the notification payload. The app sees the package name of the app that sent the notification, decides whether to dismiss it based on your active profile, and that’s it. Everything stays local. No server. No analytics SDK. No telemetry.
The reason I’m telling you this isn’t to reassure you after the fact. It’s that this was a constraint I set before writing the first function — not a promise I made afterwards.
My frustration with the current market isn’t with any particular app. It’s with a model.
Somewhere along the way, publishing something on the Play Store became synonymous with monetising attention, collecting behavioural data, and involving third parties that the user never consented to and can’t easily audit. The product you install does the thing on the label. But it also does other things. And those other things are how it pays for itself.
I don’t want to play by those rules. Not because I have some naive illusion that I can fix the industry, but because I’m the one making decisions here, and I’m not comfortable with it. If that means Permly stays small, I can live with that. There will be people whose daily routine gets a little better, and that’s a reasonable outcome.
The pricing model follows from this directly.
No ads means the product has to be worth paying for. No subscription bloat means the Pro features have to actually matter. I settled on three tiers: free (up to 3 profiles, 7 days of stats), monthly ($1.99), and a one-time lifetime purchase ($29.99).
The lifetime price in particular was a gut call. There’s no other revenue stream to fall back on. If people buy it, I can keep developing it. If they don’t, I’ve made a product that works and told the truth about what it does. That felt like the right risk to take.
There will likely be moments of financial pressure — installs growing while subscriptions stay flat, weeks of ad spend with nothing to show for it. I’m deciding now not to revisit the model under that kind of stress. Worst case: a small group of people who actually use it, no money, and a clear conscience. I can work with that.
Here’s the thing about making a privacy commitment structural rather than rhetorical: it actually makes certain decisions easier.
When someone suggests adding analytics to understand user behaviour better — I don’t need to weigh the trade-offs. The answer is already decided. When someone asks why there are no banner ads on the free tier — same. When I’m reviewing a library dependency and notice it pulls in a data-collection SDK — I remove it. Not because I’m particularly disciplined, but because the rule was set at a level above the individual decision.
This is also, I think, a genuine competitive advantage. Not the privacy claim itself — anyone can write “we respect your privacy” in an App Store description. But the architecture. Permly cannot read your notification content by design. There’s no code path that accesses it. That’s not a feature you can fake.
I’m not against subscriptions, ads, or data collection as concepts. I understand why they exist and how they fund things that matter.
I’m against second agendas. The gap between what an app says it does and what it actually does. The implicit deal that comes bundled with free software — one that the user never agreed to explicitly and often doesn’t know about.
Permly blocks notifications. That’s the whole deal. No asterisk.
If that sounds like the kind of app you’d actually want, it’s on the Play Store. If you want to talk about privacy-first architecture or building small products with clear constraints, I’m reachable.