Whether you’re using Avast Secure Browser for Android or iPhone, at some point you’ve downloaded an app and it asked for permission to access your photos or your location or maybe even information from your social media profiles. If you take the time to read the permission requests, it can be a little jarring. But while some of those app permissions are sketchy and unnecessary, others are essential for apps to do the things they’re designed to do.

So how do you tell the difference? Here’s a breakdown of which app permissions are necessary, which are sketchy, and how to protect yourself.

Why do some apps need permissions?

The majority of time, apps need permissions because they need that information in order to function. So, for example, Google Maps will ask for permission for your location because it has to know your location in order to tell you how to get from place to place. Less directly, Instagram also asks for your location, so it can suggest location tags.

Those are two examples of app location permissions that make sense. However, while Google Maps needs permission to access your location in order to function, Instagram simply wants permission to access your location in order to provide a few features. It doesn’t need it. It’s up to you decide if you want that location feature — or not. Instagram will still provide you with a stream of pictures, even if you don’t share your location. Google Maps, on the other, will be pretty useless.

What are some common app permissions?

There are some common app permissions that a lot of apps ask for. Here’s a list of some you might see, and a quick explanation of what they’re used for.

Location permissions

There are two common location permissions that an app might ask for: network based location and GPS location. Network based location lets them figure out your approximate location, based on nearby cell towers and wifi access points. GPS location allows them to figure out your exact location, using GPS, cell towers, or wifi access points.

Camera access

Some apps take photos. Others let you video chat. Those apps need access to your camera. Others probably don’t.

Modify, delete, and read storage

This permission gives an app access to files on your computer — including your photos. Some need access in order to create temporary logs, while others (like Instagram) need access in order to allow you to share saved images. This is one that you should scrutinize when it pops up, as it does give some access to potentially personal files.

Read your contacts

While some apps definitely need your contacts to function, most don’t. They may be asking so that they can autocomplete names, so that you can more easily share content, or to spam your contacts in search of new users, as LinkedIn so infamously did.

Phone status and identity

This permission allows apps to recognize when you’re getting a call and pause the app while you answer it.

Full network access

Allowing full network access means you’re giving an app permission to access the internet via your device. Most apps needs the internet to function, so despite the scary-sounding name, this one usually makes sense.

Read and send text messages

Apps might want permission to read or send text messages on your phone because they’re a messaging app or because they need it order to utilize two-factor authentication.

What app permissions should you be aware of?

So far, app permissions look pretty innocuous, right? Obviously Google Maps needs to know your location! The problems arise, however, when apps pack a bunch of permission requests in together, including ones that they don’t need.

Developers sometimes include app permissions they don’t need as a mistake, but sometimes — maybe even often — they’re put there on purpose. The point of those permissions is to gather data about you, the user. That data can then be packaged and sold to a third party, without your knowledge or permission.

Well, it’s technically with your permission. Because if you click “yes” on that list of app permissions, then you’ve given away your right to the information that those apps collect.

Do apps have malware?

Another issue — especially for Android — is that some apps have malware. Giving them access to deep parts of your phone puts you at further risk than you might be from just downloading the app. The best way to protect yourself from malware-infected apps is to only download apps from trusted sources, like the Google Play store.

How to protect yourself

So what do you? The most important thing you can do is read the app permission requests. Then, ask yourself: Does this app really need this permission in order to function? If the answer is “no,” then you shouldn’t authorize it. And if the app won’t let you use it without that permission — and you’re sure that it doesn’t really need it — don’t use that app. Find a different one that does a similar thing.

Another thing you can do is view the app permissions for an app before you download it. On Android, simply scroll down to the bottom of the app’s page in Google Play and there’s a link for app permissions. Check those out before you download, so you’re not caught trying to decide last minute about whether or not they’re necessary.

You can also manage your app permissions on both iPhone and Android, even after you’ve granted permission. On Android, go to the Settings app, the click on Apps. That will bring up a list of all of the apps you have installed on your phone. Click on any app and then scroll down to App Settings to see which permissions you’ve authorized. You can then turn any permission on or off at any time.

On iOS, you’re also going to go to the Settings app. Scroll down to the list of apps at the bottom of the screen, tap on the app, and then choose which permissions you want that app to have and which ones you don’t.

Now that you know that not all app permissions are necessary — and that not all of them have your best interests in mind — it might be a good idea to go to the settings on your phone and review what permissions you’ve enabled. Pay particular attention to games and other “non essential” apps that may have asked for more than you realized at the time.