Permissions

iPhone permissions, explained

Every time an app asks for your location, your camera, or your contacts, you’re making a small decision with a real consequence. Here’s what each permission actually grants, in plain English — and what’s worth asking before you tap Allow.

How iOS permission levels actually work

Not every permission uses all three levels — Bluetooth and notifications are closer to a straight yes/no, while location and background app access can go further. But these are the three concepts worth understanding, because they show up across most of iOS.

Not granted
The app has no access to this permission at all. It cannot read the data or trigger the sensor, full stop.
While using
Access is limited to the moments the app is open and on your screen. Close it, and the access stops.
Always
Access continues in the background, indefinitely, whether or not you have the app open. This is the level worth questioning most.

Location

What it really grants. iOS offers three levels: Never, While Using the App, and Always. “While Using” limits access to the moments the app is open on your screen. “Always” lets an app check your position at any time, including in the background, for as long as it’s installed.

The risk. Always-on location access can build a movement profile without a single dramatic moment: your home address, your workplace, your gym, your place of worship, your doctor’s office — all inferred from where your phone spends time. That profile is valuable to advertisers and data brokers even if nothing is ever “hacked.”

Worth asking: does a flashlight app need to know where you are when you’re not using it?

Camera

What it really grants. Camera access lets an app capture photos or video whenever you actively trigger it. iOS shows a green indicator dot in the status bar the whole time it’s active, so you can tell when it’s in use.

The risk. The camera can only be used in the foreground on iOS, but an app that requests camera access without an obvious photo or video feature is worth a second look — especially if it also wants photo library or microphone access, which together can capture far more than a single feature needs.

Worth asking: does this app actually do anything with photos or video, or did it just ask by default?

Microphone

What it really grants. Microphone access enables audio recording while the app is running. An orange indicator in the status bar shows exactly when it’s active, and Control Center can tell you which app used it most recently.

The risk. Recorded audio reveals more than words — tone, background noise, and who else is in the room. Apps with no calling, voice memo, dictation, or music feature rarely have a real reason to ask for it.

Worth asking: does this app let you talk to it or record something — or was the permission just bundled in?

Contacts

What it really grants. Full access lets an app read every name, phone number, email address, and note in your address book — not just information about you, but about everyone you know.

The risk. Contact access is routinely uploaded wholesale to a company’s servers to “find friends already using the app.” Your friends and family never agreed to that, and the data can remain on a server long after you delete the app that collected it.

Worth asking: does this app need to see your friends’ phone numbers, or just yours?

Photos

What it really grants. Since iOS 14, you can choose “Selected Photos” — granting access to specific images only — or “All Photos,” which hands over the entire library, including items in Recently Deleted.

The risk. Photos carry hidden metadata: GPS coordinates for where each one was taken, timestamps, and device details. Full library access means an app can read the location history baked into years of photos, not just the ones you’d choose to share.

Worth asking: could you pick individual photos instead of handing over the whole library?

Tracking (App Tracking Transparency)

What it really grants. When an app asks to “track,” it’s requesting permission to link your activity in that app with your activity in other companies’ apps and websites — usually through your device’s advertising identifier — to build a cross-app profile for ad targeting.

The risk. This is the one permission that’s about advertising, not app function. Declining “Allow Tracking” essentially never breaks a feature; it just stops that company from following what you do elsewhere.

Worth asking: has saying no to this prompt ever changed what an app could actually do for you?

Bluetooth

What it really grants. Bluetooth access lets an app detect and connect to nearby devices — headphones, fitness trackers, smart-home gadgets — and scan for what else is broadcasting around you.

The risk. Retailers and other apps use Bluetooth scanning as a stand-in for GPS, tracking which stores, aisles, or rooms you’re near without ever requesting location access directly.

Worth asking: do you actually own a Bluetooth accessory this app is supposed to connect to?

Notifications

What it really grants. Notification permission lets an app send alerts, badges, and sounds — even when it’s closed. iOS asks separately for this the first time an app wants to use it.

The risk. Notifications aren’t a data-access permission the way location or camera are, but they’re an open channel a company can use indefinitely for re-engagement and marketing, not just the update you actually signed up for.

Worth asking: are the alerts you’re getting ones you asked for, or a stream of “come back” nudges?

Health

What it really grants. Health access is granular: activity, sleep, heart rate, reproductive health, medications, and more are each a separate toggle you control individually in the Health app.

The risk. Health data is some of the most sensitive information on your phone. Even a narrow slice — sleep patterns or heart rate — can reveal medical conditions, pregnancy, or mental health patterns you never explicitly shared.

Worth asking: does this app need your medical data, or just your step count?