On iOS, I'm often considering using the mobile website of services instead of their app because of possible privacy concerns. Now I'm wondering if this is actually unnecessary.
So my question is: Which device or user data are apps able to collect without granting any explicit permissions?
Can they read my phone number, IMEI, can they see other installed apps etc.?
Let's assume it's a freshly installed app that I've never opened so far.
Best Answer
It might be simpler to approach this from the perspective of what info iOS developers must explicitly ask the user for permission. If it's not included in this list then the user must assume a developer can access that info without asking the user for permission.
As an iOS developer for a few years, I know that Apple locks-down almost all user info. I can access very generalized info such as the device you're using, model number, but I can't tie it to a specific person unless I ask your permission first.
My goal, and hope, is that others will [edit] and add to this answer as more info is found/discovered/released.
Source for the quote below is from Apple's developer docs.
That's pretty broad but it gives you an idea about what developers can't access without asking your permission first. Here's another list from that same document that indicates the data and resources protected by system authorization settings: