What Your Apps Ask For (And Why That Actually Matters)
Last month, a user emailed me a screenshot. Twenty-three apps requested location access. She'd granted most of them without thinking. The question she asked was simple: 'Do they all actually use it?' That email landed the week we shipped the data exposure profile in Personal Pro.
The Permission Assumption Gap
Most people assume that if an app can request a permission, it uses it. That's not how it works. iOS lets developers ask for location, contacts, photos, calendar data, and more. But asking isn't the same as accessing.
When you install Instagram, it asks for camera access. When you open Candy Crush, it asks for location. You grant the permission because the prompt appears and it's easier to tap Allow than to think about what happens next. The real story plays out differently: some apps genuinely need that permission. Others requested it years ago during development and never use it. Some use it once a year. And some use it constantly in ways you'd never expect.
Guard doesn't pretend to see what iOS itself hides from third-party apps. The iOS sandbox is strict by design. We can't audit whether an app actually accesses your microphone or camera right now; iOS doesn't expose that telemetry to us. What we can do is show you the permission surface area. Show you which apps requested what. And help you understand the difference between the two.
How the Profile Actually Works
The data exposure profile in Personal Pro is a visual breakdown. It shows the 12 common apps in the demo dashboard, lists the permissions each one typically requests, and groups them by risk level. Contacts. Location. Photos. Clipboard. Calendar.
Tap into the profile and you see which apps have asked for access to sensitive categories. The privacy risk score you already see on each app in the Free tier gets context here. It's not a score in a vacuum. It sits alongside the specific permissions that drove that score.
Then comes the part that actually changes behavior: the deep-link to iOS Settings. If you want to revoke a permission, you don't need to memorise which Settings submenu to visit. Tap the permission and Guard takes you straight there. You revoke it. You come back. The profile updates. It's designed for people who want to understand their exposure and then do something about it, not people who want to read a report and file it away.
Why a Demo Set, Not a Scanner
We chose 12 common apps for the dashboard because those are the ones that matter most for most people. Photos. Maps. Weather. Banking. Social. Email. Messaging. We've seen the questions a thousand times: does WhatsApp really need my location? Why does Spotify want my photos?
A full system-level permission scanner sounds powerful. But iOS doesn't work that way. Apple's sandbox prevents third-party apps from auditing other third-party apps' actual permissions. We could pretend we scan your entire device. We chose not to. Instead, we built something honest.
The profile teaches you how to think about permissions. It gives you a starting point with the apps you actually use. And it gives you a way to act on what you learn. That approach works better for the people we built Guard for: privacy-conscious users who want clarity and control, not false certainty.
Permission Breakdown in Real Time
Personal Pro adds real-time alerts. If an app you've approved requests a new permission, you'll know. That matters because app updates happen quietly. A social app adds camera access in version 8.2. A utility adds location tracking in an update you install while half-asleep.
The permission breakdown chart shows you the cumulative picture. How many apps have requested location? How many want calendar access? Which permission categories are most commonly requested across your installed apps? It's not about judgment. It's about pattern recognition. If 19 of your 20 installed apps request location, that's normal. If one app does, it's worth noticing.
I've watched people use this feature in different ways. Some use it as a monthly audit. Others check it after installing something new. One parent in our beta used it to understand why her daughter's fitness app needed access to her contacts. Once she understood the permission mapping, she could make an informed choice about whether to grant it.
The Tracking Detail Layer
Tracking is different from permissions, though they overlap. An app can use Apple's tracking framework without necessarily accessing your location. It can still know things about your behaviour through other means.
Personal Pro shows tracking app details. Which apps declare that they track you via Apple's own framework. This sits alongside the permission profile because the full picture requires both layers. Some apps request location and tracking. Some request only tracking. Understanding the difference matters when you're deciding what to allow.
We don't claim to see every tracking mechanism. We show you what the app itself declares and what iOS exposes to us. That's honest. It's also useful. It's enough to shift how you think about what you've installed.
From Data To Decision
The whole point of the data exposure profile is motion. You see what your apps asked for. You understand which permissions matter and which ones you're comfortable revoking. You take action without friction. Deep-link, revoke, done.
That's why it's a Personal Pro feature and not Free. The Free tier gives you the risk score and the basic dashboard. That's enough for someone who wants a quick health check. Personal Pro is for someone who wants to audit seriously and then change their settings. Real-time alerts, tracking detail, the permission chart, and the exposure profile work together as a system. You're not just reading about your privacy. You're managing it.
When that user who emailed me about her 23 location permissions tried the profile, she revoked access for 17 of them. Some she'd never intentionally granted. Others she realised she didn't need. A few she kept because she understood why the app needed them. That email taught us something: people don't want privacy features that make them feel paranoid. They want clarity and the tools to act on it.
If you installed an app today and it asked for three permissions, how many would you actually know it was using six months from now?