Table 1

Proportion of apps sharing user data and type of destination (n=25)

User data typeNo. of apps sharing with their developers (%)No. of apps sharing to infrastructure-related third parties (%)No. of apps sharing to analysis-related third parties (%)
Data considered ‘personal data’*Device ID†5 (20)4 (16)10 (40)
Email address†6 (24)4 (16)3 (12)
Name/last name†6 (24)1 (4)1 (4)
Birthday6 (24)1 (4)0
IMEI number01 (4)0
Password2 (8)1 (4)1 (4)
Host name001 (4)
Fine grain location2 (8)02 (8)
Local IP address2 (8)00
Coarse grain location1 (4)00
Personal factors2 (8)00
Personal conditions1 (4)00
Gender2 (8)00
Data not considered ‘personal data’OS version15 (60)22 (88)25 (100)
Device name11 (44)19 (76)24 (96)
Country3 (12)14 (56)16 (64)
Time zone6 (24)11 (44)20 (80)
Connection type4 (16)4 (16)21 (84)
Phone information1 (4)02 (8)
Browsing1 (4)00
Jailbrokenness001 (4)
  • *Considered personal data under the General Data Protection Rules (GDPR), that is, ‘any information relating to an identified or identifiable natural person’.

  • †Unique identifier.

  • IMEI, international mobile equipment identity; IP, internet protocol; OS, operating system.