Every new device ships with privacy settings configured for the manufacturer’s benefit, not yours. Spending twenty minutes on setup before you start using it is far easier than trying to audit it later. Here’s what to change regardless of whether it’s an iPhone, Android, Windows PC, or Mac.
On any smartphone: location, tracking, and diagnostics
Location Services. Don’t give every new app location access during setup. Deny it by default, then grant it specifically to apps that clearly need it. On iPhone: Settings → Privacy & Security → Location Services — set new apps to “Ask Next Time.” On Android: Settings → Location → App permissions — review each category.
Ad tracking. Both platforms assign an advertising identifier to your device. On iPhone (iOS 14.5+): Settings → Privacy & Security → Tracking → toggle off “Allow Apps to Request to Track.” On Android: Settings → Privacy → Ads → Delete advertising ID.
Analytics and diagnostics. On iPhone: Settings → Privacy & Security → Analytics & Improvements → disable “Share iPhone Analytics.” On Android: Settings → Privacy → Usage & diagnostics → off. This limits what usage data is sent back to Apple and Google.
Personalized ads. On iPhone: Settings → Privacy & Security → Apple Advertising → turn off “Personalized Ads.” On Android: Settings → Privacy → Ads → Opt out of Ads Personalization.
On iPhone specifically
During initial setup, decline Siri & Dictation improvements (your voice recordings won’t be used to train the model). Decline sharing data with app developers. In Settings → Siri & Search, review which apps have Siri access and disable it for apps that don’t need it — Siri integration means those apps’ content can be indexed and used to respond to Siri queries.
Set a six-digit passcode at minimum during setup. If offered Face ID or Touch ID, enable it — it’s more convenient and doesn’t reduce security when configured correctly. Under Settings → Face ID & Passcode (or Touch ID & Passcode), enable it for unlocking and Apple Pay, and require the passcode “Immediately” after the display goes off.
On Android specifically
Android defaults vary significantly by manufacturer (Samsung, Google Pixel, and others configure things differently). After initial setup, go to Settings → Privacy and review each option. Look for Google’s “Personalize using app data” — this allows Google to use your app activity across all apps to personalize ads and recommendations. Turn it off if you’d rather not.
Check Settings → Google → Manage your Google Account → Data & Privacy. Disable Web & App Activity, Location History, and YouTube History if you don’t want Google building a behavioral profile from your device activity.
On Windows
During Windows 11 setup, choose “Custom installation” rather than “Express settings” to review what you’re agreeing to. Post-setup: Settings → Privacy & Security. Disable “Send diagnostic data” (set to “Required” minimum, not “Full”). Turn off Advertising ID. Turn off “Let apps use my advertising ID.” Review Location, Camera, and Microphone sections — by default, many apps have access they don’t need.
Settings → Privacy & Security → Search permissions → disable “Search history on this device.” If you don’t use Cortana, disable it entirely. Review Startup apps (Task Manager → Startup tab) and disable anything you don’t need running at boot.
On Mac
System Settings → Privacy & Security → Analytics & Improvements: disable “Share Mac Analytics” and “Share with App Developers.” System Settings → Privacy & Security → Advertising: disable “Personalized Ads.” Review Location Services and revoke access for apps that don’t need it.
System Settings → Siri: decide whether you want Siri enabled. If you use it, disable “Improve Siri & Dictation” which shares voice recordings with Apple. Enable FileVault (System Settings → Privacy & Security → FileVault) if it isn’t already — this encrypts your drive and is essential if the laptop is ever stolen.
The bottom line
New devices are configured to share. The settings above shift them back toward your control. None of them break functionality — they just stop the background data collection that happens by default. Do it during setup, before you’ve accumulated habits around the device, and you won’t have to think about it again.