Smartphone apps are a beautiful invention: From tracking your workouts to helping you meditate, they can make life a helluva lot easier and healthier. But they also collect a treasure trove of personal information. And despite increasing scrutiny of privacy practices, many apps still do whatever they please with that info.

"There's really a big spectrum out there, [from] you effectively giving all of your data away to be used or sold to others, to [having] really strong protections on user privacy," says Nicholas Evans, Ph.D., a bioethicist at the University of Massachusetts Lowell.

The level of privacy you can expect depends on what kind of phone you have, where you live and, yes, how careful you are. Example: Evans says Apple requires iPhone health apps to be reviewed for privacy issues before going into the app store-so there's a layer of protection built in for users. But it's really only for health apps that work with Apple's built-in health app, says Evans. Stand-alone commercial tools and programs-think Fitbit, or Nike running apps-aren't regulated as well, meaning they may be using your information in ways that you never anticipated.

Android users, on the other hand, are more at risk. German researchers recently completed detailed reviews of 60 different Android health apps and found that none of them-that's a big fat zero-followed best practices for telling users about privacy. Which means that you likely aren't aware of what you're agreeing to when you type in personal info and agree to random pop-up notifications (Did you know that a lot of fitness apps don't have a privacy policy at all?)

Why would companies auction off your info, regardless of privacy ethics? To put it bluntly, it's to make money. Think about it: Most of the apps you use are probably free, and they have to make money somehow. Selling data to other companies-like advertisers who want to target you with ads, and insurance companies that use info to set your premiums-is the way to bring in a profit, says Evans. And yes, it's likely that the app promises your name will be removed from any data they collect and sell. But by cross-indexing anonymous health data with other information floating on the Internet, it's not all that difficult for a data buyer to connect the dots and identify you. Yep, it's not just ex's who are stalking you online.

So, how can you tell if an app respects your privacy? First, the Federal Trade Commission in 2016 issued guidelines that every app is supposed to conform to, but if you're in doubt, read over the app's privacy policy-you should have been required to approve it before using the app. (Regardless, you can usually access an app's privacy policy in the app's help or settings sections.) It should always explain in clear, plain language what data is collected and who will see it once you tap approve. If it seems murky or if approval wasn't required at all, then Evans suggests deleting it from your phone. (Those fitness apps may not be helping you lose weight, anyway.)

Keep in mind that apps aren't the only things collecting personal data, either. Your phone itself does too, and you can adjust the privacy settings to control an app's ability to get into sensitive data like your location, contacts, photos, and calendar, says Evans.