There's definitely some malware-ridden apps on the Play Store. When it comes to the third-party apps you've connected to your Google Fit account, some have a crazy amount of permissions they have no business accessing. For example, you probably don't want a heart monitor app having access to your personal location data.
Luckily, the Google Fit app has a dedicated section to view all the permissions for your Fit-enabled third-party apps. Fitness apps that you connect to your Google Fit account are also susceptible to permissions abuse. This is no different than any other app you download from the Play Store, so stay alert and check them often! If you find an app is being too intrusive, remove it right away.
To get started, open the Google Fit app to the main home screen, go to the "Profile" tab, then tap the gear icon in the upper-right to access your settings page. From there, go to "Manage connected apps" under the Google Fit data section. Once you're on the main "Connected apps" page, the list will then populate with any third-party apps that you have synced with your Google Fit account.
Tap each entry and look over their requested permissions to make sure they all check out. If one seems to have an absurd amount of permissions for no reason at all, hit the "Disconnect" button, then "Disconnect" again to revoke access to your account.
From there, go about uninstalling the app from your device to be safe. If it was an app that you used all the time, try finding a replacement on the Play Store that has a similar set of features with fewer permissions. Your personal fitness data is very sensitive information and should stay protected. So it's helpful to keep it safe from third-party eyes that you don't trust. Hope this helps!
This article was produced during Gadget Hacks' annual Health & Fitness special coverage. Read all of the Health & Fitness series.