You probably knew that your smartphone is tracking you. At least, you had some idea that companies keep track of how you use their apps, and what you do online. That’s not news. What you might not have known is that the extent to which you are tracked goes. In fact, there is an entire industry based on tracking the exact location of your smartphone, and providing that information to marketers.

While the companies behind this tracking say your information is anonymous, it doesn’t take much to figure out everywhere you go with your phone. That tracking is revealed in an extensive report from The New York Times, which had access to data that included the location information of 12 million smartphones over a period of months.

The reality is that the details you can learn from this information is staggaring, and would probably make most of us very uncomfortable. For example, the Times‘s Stuart A. Thompson and Charlie Warzel show how easy it is to determine who a device belongs to based on its presence at a home or workplace. In fact, the reporters explained how they were able to identify a Microsoft employee who went for an interview at Amazon, and a month later left for a new job.

All of that from supposedly anonymous data.

These data-brokers insist that their databases are kept secure, except, I just read about it in The New York Times. If a reporter can get ahold of it, I’m not optimistic that it’d be all that challenging for a hacker.

Both iOS and Android have made it easier for smartphone owners to manage when and why apps are able to track their location, but in reality, most people pay very little attention to the prompts that come up asking for permission to share locations. Most of the time we think “sure, Facebook needs my location so I can tag this photo.”

But what many of us forget is that Facebook doesn’t care about that photo. Facebook cares about building a profile of each of its user based on hundreds of data points so that it can better monetize your privacy. And it isn’t the only one.

App developers use software development kits (SDKs) from third-party services like Facebook or Google. Those SDKs are included in a variety of software like weather apps. Of course, a weather app needs to know where you are in order to provide you with a forecast. But it also uses that information to provide data to marketers who track your location and build a profile of you.

Besides the fact that it’s creepy that this data is tracked, stored, and aggregated, there are two very real problems with this type of tracking. The first is that your location is literally your most personal of information. Where you are located right now is deeply personal and can reveal information you don’t necessarily want shared with anyone, least of all marketers.

But that isn’t the worst case scenario. What happens when that information ends up in the hands of someone with different intentions than simply targeting you with ads. What about hackers who might access the information, sift through it for compromising data, and use that to blackmail high-profile individuals. Or a criminal who observes your location pattern and figures out when your home is going to be empty. The reality is that the thing you rely on every day, the thing you carry in your pocket when you leave home, happens to be the thing that lets others know every time you do.