It depends on what you mean by "privacy."There are at least three separate concerns:
Does the client send telemetry? Does it sync your collections or API definitions to a cloud service? Do your API requests transit through a third-party server, or are they sent directly from your machine?
Those matter much more than whether the client is Postman, Thunder Client, or something else.
Your questions is rather general. But a try:
"What’s the best Postman alternative if privacy is a concern — Postmate Client vs. Thunder Client?"
- Always use a local client (100%) that you fully control.
- Be aware tat many providers have advanced finger printing techniques. So reaching out to a remote API is always a severe privacy risks! At least when you make an API call from you 'own' computer/home/work to an API-service.
- Most 'tools' for making API tools use telemetry. If you use a tool within a IDE that uses Telemetry you could be harmed twice. (E.g. VSCode with Thunder Client)
Those matter much more than whether the client is Postman, Thunder Client, or something else.
- Always use a local client (100%) that you fully control. - Be aware tat many providers have advanced finger printing techniques. So reaching out to a remote API is always a severe privacy risks! At least when you make an API call from you 'own' computer/home/work to an API-service. - Most 'tools' for making API tools use telemetry. If you use a tool within a IDE that uses Telemetry you could be harmed twice. (E.g. VSCode with Thunder Client)