For the most part, companies use your information to personalize (and sell) their services to you. But many also sell it to other companies called data brokers that compile detailed profiles with thousands of personal attributes, including your education, purchases, income, and personality. All of this influences the ads, content, and offers you get online and offline. In addition, it increases risk: wherever your data lives, it can be stolen. Because it's valuable, hackers are after it. Data breaches at big companies are common.
Fortunately, there are ways for you to take some control over your data. Devices, online services, and browsers all have privacy settings that give you a degree of control over what's shared and when. In that spirit, we've compiled the following information to highlight what companies collect, as well as what you can limit, so you can take a few minutes to do your own privacy checkup.
Social Media Platforms
What’s Collected: A lot. Social media companies know not just everything you share but also your contacts, what ads or posts you click on, and even where you browse to when you leave the site. This information is often combined with additional data purchased from other companies to create hyper-detailed profiles.
Pay Attention To:
- Who can see your posts. Settings typically include everyone, a large but more limited network (friends of friends), or just people you are directly connected to. It's often best to keep posts limited to a small network of known friends.
- How the platform shares data with other companies. Most sites have a setting around "Apps" that will let you limit sharing of, say, your contacts or posts.
- What you post. Details you share on your feed—pet's name, alma mater—can be used by hackers to guess passwords or answer verification questions. Personal facts make it easier for fraudsters to trick you with fake emails or calls. And there are other security risks: Post that you're on vacation and thieves may know your house is empty.
Web Browsers
What's Collected: Where you surf to and what you do there. Websites have two main ways of tracking you: by your IP address (your device's unique identifier on the internet) and "cookies," little files that let the company trace where you browse after you leave, even if you switch from your computer to your phone. Many sites also embed trackers that feed data to other companies.
Pay Attention To:
- Cookies: You can set your browser to erase cookies every few months, so you’re not storing those you don’t use anymore.
- Location data: The browser can often figure out your location; make sure your settings require sites to ask if they want to access it.
- Browsing activity and search history: Set your browser to automatically delete your history every few months.
- Other trackers: You can download plug-ins that will block ads and limit a lot of the tracking technologies used on sites. These can not only guard privacy but often speed up sites—though using them can also affect functionality on some sites.
Smartphones and Apps
What's Collected: Your phone's operating system has access to a lot of information: location, app habits, tickets you've stored, even health and fitness data. Unless you say otherwise, the apps you use can often access that data, as well as anything collected in the apps—such as your workouts, the places you travel in rideshares, or what's captured on your security camera.
Pay Attention To:
- Phone-level settings: Look in your phone’s settings for "Privacy" to find controls for what the phone's system can collect and share.
- Location tracking: Limit this to apps that need it (maps, fitness trackers)—and then only when you're using the apps. Permissions are often in a "Location" setting.
- Permission levels: Apps usually have to ask to access data like health information, contacts, or your camera and microphone. Again, limit this to essential apps if you don't want companies collecting and selling your data.
Shopping and E-Commerce
What's Collected: Product searches, buying data, wish lists. Shopping is so rich in behavior that if you use one site a lot, the company will likely be able to infer life events, like having a child or moving, and send you targeted ads. In physical stores, rewards cards let companies track purchases, as well as things like the time of day or locations you shop at most.
Pay Attention To:
- Payment info: Don't store your credit card anywhere you don’t have to. Not only does this limit your risk in a breach, but it’s also a great way to control impulsive online shopping.
- Personal information: Unless it's a site you order from a lot, don't store your address and phone number in an account. Again, the fewer places your info lives, the less likely it is to be stolen.
- Loyalty programs: Join only the ones where you can really use the discount or rewards, so you're not giving up your data for nothing.
Yes, It's Worth Reading the Fine Print
We've all been tempted to click "agree" without reading those long privacy policies, but it's worth taking a quick look. While you may not be able to opt out of using the service, understanding what you're agreeing to can help you make informed choices or adjust your settings. When skimming a privacy policy, focus on three key areas:
- Information collected: Are they gathering your name, email, phone number, IP address, or location?
- How is it used: For processing orders, sending marketing emails, or profiling?
- How is it shared: Do they share your data with advertisers, email marketing services, or other third parties?
A quick review can help you stay informed and take control of your personal information.
Take Control of Your Privacy
Our teams created a video to equip you with ways to help safeguard your privacy in different situations.