Sorry, but until you present conclusive proof that you don't, we better assume that you do. Unfair? Sure, possibly... But that's just the risk you took in choosing to use the same technology as all the personal info thieves.
I mean, one could also be running around in a supermarket in a balaclava without intending to rob the cashier -- but would you assume someone you saw doing that wasn't going to do exactly that?
You can look at the network tab of your browsers dev tools. You can see everything being exfiltrated that way.
In fact, that's pretty similar to the technique that you'd use to check on a local app too, except it's built into the browser.
I'm not particularly interested in convincing anyone that some app is or isn't leaking their data. If you don't want to use web stuff, don't use it. But I do take issue with assertions that 100% of all web apps must be doing that kind of stuff. It's obviously not true. You can develop your own web app from scratch that doesn't do it, which is sufficient to form a counter-example.
Sure I can. And you can. But to 99% of users, you're talking Greek -- ancient, not modern. And hey, BTW: Can we always? Where's the "Dev tools" menu on my phone browser?
And one counter-example does not a summer make. As long as 99% (typical Internet statistic, i.e. pulled from my mether regions) of web apps harvest your data for sale, that last percent won't get the benefit of the doubt: it's far too difficult and uncertain to find out which percent that would be.
I mean, one could also be running around in a supermarket in a balaclava without intending to rob the cashier -- but would you assume someone you saw doing that wasn't going to do exactly that?