This article co-authored with guest blogger Leonel Gonzalez, a R+C summer associate and student at Roger Williams University School of Law

Pokémon GO has been downloaded 7.5 million times in the U.S. alone. It has been reported that it has surpassed Twitter. If you are enjoying the game, you should know how it is collecting and using your information.

How safe is your information? And where is your information (especially your geolocational data) really going? The augmented reality game uses your device’s microphone, camera, GPS and mobile network to pinpoint the location of the player. The game uses the location to display a map of the surrounding area where players can capture Pokémon, collect items, or fight in “gyms.” Once the player finds a Pokémon, the game may use the device camera to display the Pokémon in an augmented reality mode.

While the player walks around trying to achieve their dream of becoming a Pokémon master, the game is collecting your data. It knows where you are, can listen to your conversations through the microphone and is gathering information on the type of device you are using and where you are while you play the game. The data is then collected and stored by Niantic Inc. (Niantic), the developer of Pokémon GO.

According to the privacy policy, the data is used to “improve and personalize” services provided by Niantic. However, the policy also allows Niantic to provide the data to third parties for the purpose of “research and analysis, demographic profiling, and other similar purposes.”  It is worth noting Google is a major third party backer of Niantic and Pokémon GO.

Niantic is also allowed to provide information to government or law enforcement officials. The policy states:

“We may disclose any information about you (or your authorized child) that is in our possession or control to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (a) to respond to claims, legal process (including subpoenas); (b) to protect our property, rights, and safety and the property, rights, and safety of a third party or the public in general; and (c) to identify and stop any activity that we consider illegal, unethical, or legally actionable activity.”

The game has even caught the attention of Senator Al Franken, chairman of the Senate Judiciary Subcommittee on Privacy, Technology and the Law. On July 12, Senator Franken wrote to Niantic CEO John Hanke (Hanke) with concerns on how Niantic plans to use data collected from Pokémon GO players.

Specifically, the senator requested information on what steps Niantic  is taking to inform and receive consent from parents about how their child’s data is being collected. The letter also inquired into the identity of Niantic’s current “third party service providers,” which information collected is necessary to improve Niantic’s services, and how Niantic is working to fix a mistake that allows the app full access into a user’s Google account on IOS.

A PDF of the Senator’s letter can be read here.

There is no mention of what Niantic does with data collected from the camera or microphone of the devices. The lesson here is to read the privacy policy for each and every app that you download to your device.  The full privacy policy can be accessed here.