Every time you browse a website, download an app, or sign up for a new service, you leave a digital trail. This trail is made up of your browsing habits, location data, personal preferences, contacts, and even your real-time activity. Without actively managing your privacy settings, this information can be harvested, shared, sold, and in some cases, exploited by malicious actors.
At Leaf Technologies, we work with businesses and individuals across South Africa to strengthen their cybersecurity posture. One of the most consistent — and preventable — vulnerabilities we encounter is this: people leave their privacy settings at factory defaults. Default settings are almost always configured to collect the maximum amount of data, not to protect you.
Your digital privacy does not protect itself. Keeping your privacy settings on means you decide what information you share, with whom, and for what purpose. That control is invaluable.
South Africa’s Protection of Personal Information Act (POPIA) gives you the right to privacy and control over your personal data. However, exercising that right requires you to actively manage your privacy settings — the law alone cannot protect you if you leave your data exposed.
Table of Contents
- Why Privacy Settings Matter More Than Ever
- What Apps & Websites Collect Without You Knowing
- Privacy Settings Guide by Platform
- Securing Privacy on Mobile Devices
- Social Media Privacy: Lock It Down
- Browser Privacy: Your Online Footprint
- Advanced Privacy Tips from Leaf Technologies
- Common Privacy Mistakes to Avoid
- Conclusion: Privacy Is an Active Choice
Why Privacy Settings Matter More Than Ever
The digital landscape has changed dramatically. Every app, website, and connected device is a potential data collection point. According to recent research, 91% of people feel they have lost control of their personal data — and it’s not hard to see why. In 2024 alone, the largest known data breach exposed 2.9 billion records, and the average cost of a data breach in South Africa reached R2.7 million.
What makes this particularly alarming is that 74% of data breaches involve the human element — and one of the most common contributing factors is misconfigured or ignored privacy settings. The risk is real, and it affects everyday users just as much as large organisations.
Privacy settings are your first and most accessible line of defence. They determine what data apps and platforms can collect, who can see your information, and how your digital footprint is managed. When left at their defaults, most platforms are configured to gather as much data as possible — not to protect you.
What Apps & Websites Collect Without You Knowing
Understanding what gets collected when your privacy settings are off — or left at default — is the first step toward taking back control. Here is what many apps and platforms routinely gather:
- Location data — Your precise GPS coordinates, updated in real time, even when the app is running in the background.
- Contact lists — Many apps request access to your entire address book, including details of people who never agreed to share their data.
- Microphone and camera access — Apps with these permissions can, in some cases, record audio or video in the background.
- Device identifiers — Your phone’s unique identifiers allow advertisers to track you across multiple apps and platforms without your knowledge.
- Browsing history — Especially through browser extensions and ad networks, your full browsing history can be profiled and sold.
- Behavioural patterns — How long you spend on content, what you tap, scroll past, or re-read is monitored and used to build an advertising profile.
- Financial activity inferences — Even without direct banking access, apps can infer your income bracket and spending habits from usage patterns.
“If you’re not paying for the product, you are the product. Your data is the currency — and without privacy settings, you’re spending it without knowing.”
| Platform |
Where to Find Privacy Settings |
Key Action to Take |
| Google Account |
myaccount.google.com → Data & Privacy |
Turn off Web & App Activity and Ad Personalisation |
| Facebook / Meta |
Settings & Privacy → Privacy Checkup |
Limit who sees your posts; turn off Off-Facebook Activity |
| Instagram |
Settings → Privacy |
Set account to Private; limit activity status visibility |
| WhatsApp |
Settings → Privacy |
Disable read receipts; set profile photo to “My Contacts Only” |
| Windows 11 |
Settings → Privacy & Security |
Disable diagnostics sharing, location tracking, and ad ID |
| macOS / iOS |
System Settings → Privacy & Security |
Review app permissions; enable App Tracking Transparency |
| Android |
Settings → Privacy |
Use Permission Manager; disable ad personalisation |
| LinkedIn |
Settings → Visibility |
Turn off profile view sharing; control third-party data exports |
Securing Privacy on Mobile Devices
Your smartphone is arguably the most data-rich device you own. It knows where you are, who you talk to, what you buy, how you exercise, and even how you sleep. Keeping your mobile privacy settings properly configured is critical.
App Permissions: The Golden Rule
Only grant an app the permissions it genuinely needs to function. A flashlight app has no legitimate need for your contacts or location. A photo editor does not need microphone access. Apply the principle of least privilege — give apps only what they absolutely need, and nothing more.
- Regularly audit app permissions through your phone’s Privacy or Permissions Manager.
- Revoke location access for any app that doesn’t require it to function.
- Switch location access from “Always” to “Only while using the app” wherever possible.
- Disable background app refresh for apps that don’t need it.
- Turn off personalised advertising in your device settings — both iOS and Android offer this option.
- Use the built-in privacy reports (available on iOS under Settings → Privacy & Security → App Privacy Report) to see which apps are accessing your data and how often.
Leaf Technologies Tip: On Android, go to Settings → Privacy → Permission Manager. On iPhone, go to Settings → Privacy & Security → App Privacy Report. Make it a monthly habit to review these reports — you’ll often be surprised by what you find.
Social media platforms are designed to maximise data collection. Every like, share, comment, and even how long you pause on a post is tracked and used to build a detailed profile about you. Using social media without configuring your privacy settings is one of the most common — and avoidable — risks people take online.
Facebook & Instagram
Use the Privacy Checkup tool on Facebook to walk through who can see your posts, your friend list, and your profile information. On Instagram, switching to a private account ensures only approved followers can see your content — a simple but powerful first step.
LinkedIn
Professional networking doesn’t mean leaving all your career and personal data open. In LinkedIn’s privacy settings, you can control who sees your connections, disable profile view tracking, and opt out of data sharing with third-party partners.
TikTok & Emerging Platforms
Newer platforms often have the weakest default privacy protections. Always set your account to private immediately upon creating it — before you post anything. Review what data the app requests access to, and if the permissions seem excessive, consider whether the app is worth the risk.
Warning: Oversharing on social media — especially your location, daily routine, and personal milestones — can make you a target for social engineering, phishing attacks, and even physical crime. Share only what’s necessary, and with the right audience.
Browser Privacy: Your Online Footprint
Your web browser is the window through which you see the internet — and it can also be the window through which the internet sees you. Default browser settings typically allow cookies, tracking scripts, and data collection from virtually every website you visit.
- Use a privacy-focused browser such as Firefox, Brave, or Safari, which offer stronger built-in tracking protections than Chrome by default.
- Enable “Do Not Track” in your browser settings (note: this relies on websites to honour the request).
- Install a reputable ad and tracker blocker such as uBlock Origin.
- Regularly clear your browsing history, cookies, and cached data.
- Avoid saving passwords directly in your browser — use a dedicated password manager instead.
- Be cautious with browser extensions: they can have extensive access to your browsing activity. Only install extensions from trusted, verified developers.
- Use private or incognito mode on shared devices — but remember, this does not hide your activity from your ISP or employer network.
- Consider using a reputable VPN (Virtual Private Network) when connecting on public Wi-Fi to encrypt your connection.
Advanced Privacy Tips from Leaf Technologies
Once you’ve covered the basics, these additional steps will significantly strengthen your privacy posture — particularly for businesses and high-value individuals in South Africa.
Enable Two-Factor Authentication (2FA) Everywhere
Two-factor authentication adds a second layer of verification to your accounts. Even if someone obtains your password, they cannot access your account without the second factor. Enable 2FA on every account that supports it — prioritising your email, banking, and social media accounts first.
Use Unique, Strong Passwords
Password reuse is one of the most common causes of account compromise. Use a password manager such as Bitwarden, 1Password, or NordPass to generate and securely store unique, complex passwords for every account. Never reuse passwords across different services.
Review Connected Apps Regularly
Over time, you grant many third-party apps access to your core accounts like Google, Facebook, or Apple ID. Regularly review and revoke access to apps you no longer use. Both Google and Facebook provide dedicated dashboards where you can manage all connected third-party applications.
Encrypt Your Devices
Enable full-disk encryption on all your devices. Modern smartphones encrypt by default when you set a PIN or passcode. On Windows, enable Bitlocker. On Mac, enable FileVault. This ensures that even if your device is stolen, your data cannot be easily accessed without your credentials.
Be Wary of Public Wi-Fi
Public Wi-Fi networks in shopping centres, airports, and coffee shops are prime hunting grounds for cybercriminals. Avoid accessing sensitive accounts or conducting financial transactions on public networks. If you must connect, always use a VPN to encrypt your traffic.
Leaf Technologies Pro Tip: Set a recurring calendar reminder every three months to audit your privacy settings across all major platforms. Technology and app permissions change frequently — what was adequately protected last year may not be today. A quarterly privacy review is a healthy habit for any digital citizen or business.
Common Privacy Mistakes to Avoid
- Skipping the Terms & Conditions: Tools like tosdr.org offer quick plain-language summaries.
- Clicking “Accept All” on cookie banners: Take a moment to decline non-essential cookies.
- Using the same email for everything: Use a secondary email for sign-ups and competitions.
- Ignoring operating system updates: Updates contain critical security patches.
- Oversharing location data: Think twice before tagging your home or workplace.
- Downloading apps from unofficial sources: Only use the Google Play Store or Apple App Store.
- Assuming private/incognito mode means invisible: Your ISP and websites can still see your activity.
Conclusion: Privacy Is an Active Choice
Your digital privacy does not protect itself. In a world where data is currency, keeping your privacy settings on is one of the most empowering decisions you can make. It’s not about being paranoid — it’s about being informed and in control.
At Leaf Technologies, we are passionate about empowering South Africans with the knowledge and tools they need to stay safe online.
Contact Leaf Technologies Today
Published by Leaf Technologies · Cybersecurity & IT Solutions, South Africa · 24 April 2026
