Your favorite apps are spying on you.
We download iOS apps and read their compiled code to find the trackers and ad SDKs hidden inside, then tell you whether each app is safe to use.
The findings
Where does your data go?
Out of the 2,020 apps we read, this is how many track you, what they ship to do it, and which category is the worst offender.
of the 2,020 apps we scanned track you across other companies' apps and websites.
ship third-party advertising SDKs baked into the binary.
third-party SDKs in the median app.
of Entertainment apps track you, more than any other. See the ranking →
Method
We read the code, not the marketing.
Privacy labels are self-reported by developers. Binaries don't lie. Every report on this site is built from both, and we show you where they disagree.
- 01
Download
Each app is downloaded from the Apple App Store, the exact binary that installs on your iPhone.
- 02
Unpack
The app bundle is read with static analysis: embedded frameworks, Info.plist permissions, entitlements, background modes. No code is decompiled or reverse-engineered.
- 03
Match
Frameworks are matched against a curated SDK signature table, advertising, analytics, attribution, crash reporting. Detection is deterministic: a signature either matches or it doesn't.
- 04
Compare
Findings are compared against the developer's self-reported App Store privacy label, what the app says it does versus what's actually in the binary.
What we read
- Embedded framework bundles (SDK detection)
- Info.plist permission requests + stated reasons
- Entitlements and background modes
- App Store privacy labels (tracking / linked / not-linked)
What we don't do
- No decompilation or reverse engineering
- No runtime monitoring or traffic interception
- No AI-generated risk scores, facts only
- No pay-to-remove. Reports are never edited for money.
Research
Which app categories track you most?
The cross-category view: tracking rates, the permission heatmap, and what Entertainment apps demand that Health & Fitness apps don't.
View the data →