Contacts (Contacts) is a macOS privacy permission. Contacts permission gives an app read (and sometimes write) access to your macOS Contacts database — names, phone numbers, email addresses, physical addresses, birthdays, and notes for every person in your address book. Common apps that request this permission include Mail, Safari, Zoom, WhatsApp, Fantastical. Risk level: caution. To check which apps have this permission, open System Settings, go to Privacy & Security, and select Contacts. CoreLock identifies all apps with Contacts access and flags those that also have network permissions — meaning they could upload your address book to external servers. It tracks changes to this permission over time so you know when new apps gain access to your contacts.
Contacts permission gives an app read (and sometimes write) access to your macOS Contacts database — names, phone numbers, email addresses, physical addresses, birthdays, and notes for every person in your address book.
Click the Apple menu and select System Settings.
Click Privacy & Security in the sidebar.
Click Contacts. You'll see all apps that have access to your address book.
Email and calendar apps legitimately need contact access. Social media apps, games, and utilities generally do not. Remove access from any app that doesn't have a clear reason to read your contacts.
Go to System Settings > Privacy & Security > Contacts.
Disable the toggle next to any app. It will immediately lose access to your address book.
Revoking access stops future reads, but if the app already uploaded your contacts to its servers, that data may still exist. Check the app's privacy settings for an option to delete uploaded contacts.
CoreLock identifies all apps with Contacts access and flags those that also have network permissions — meaning they could upload your address book to external servers. It tracks changes to this permission over time so you know when new apps gain access to your contacts.
Yes. Once an app has Contacts permission, it can read your entire address book and, if it also has network access, transmit that data anywhere. Many social apps do this to build "social graphs" and suggest connections. Read the app's privacy policy carefully and revoke access from apps you don't trust with your contacts' personal information.
No. Revoking the permission only stops future access. If the app already copied your contacts to its servers, that data still exists there. You would need to contact the app developer or use the app's settings to request deletion of previously synced contact data.
Email clients (Mail, Outlook), calendar apps (Fantastical, Calendar), and communication apps (Messages, FaceTime, Zoom) have legitimate reasons to access your contacts for autocomplete and caller ID. Most other app categories — games, utilities, productivity tools — do not need it.
CoreLock scans every app on your Mac and shows you exactly which permissions each one has. Find hidden access in under 60 seconds.
Download CoreLock FreeAvailable for macOS and Windows