An employer (someone’s employer) issued an android app and requests that all of the employees install it. During installation the app requests access to all of the phone’s resources and it wouldn’t work if the access is declined.
The official purpose of the app is sending some internal requests concerning work-related stuff. But, who knows, maybe an employer has some additional goals.
What is the risk for employees when installing such an app on a personal phone? What an employer might see on an employee’s phone? Could it see the employee’s location? What files or personal data can it get access to?
What can an employee do to restrict the employer’s access?
The question is not about using a separate phone. A separate phone for each app is not what the question is about. It is about a 3rd party app on a personal phone.