From a networking perspective with a native process and running a firewall such as Little Snitch, you can have exact control over the network connections a process makes, whereas with a web app you typically can't control that very easily.
This! This is why I Little Snitch when I don't trust a app or website. You can inspect all requests that are made to it - https://help.obdev.at/littlesnitch4/adv-traffic-capture
If this is too overwhelming to you, you can start with https://obdev.at/products/littlesnitch-mini/index.html (it's free)