When you buy an air fryer, you’re probably thinking about quicker dinners, crunchier fries, and lower energy bills, not whether it’s quietly collecting your personal data.
But back in 2024, a Which? investigation raised serious questions about how some smart kitchen appliances handle the information they gather from users. Two popular air fryer models — from Xiaomi and Aigostar — were found to request permissions far beyond what most people would expect from a cooking device, including access to precise location data and even audio recording on a user’s phone.
The findings sparked widespread concern, and earlier this year , the ICO, which is the UK’s data watchdog, responded with new guidance to tighten standards across the smart tech industry.
What did Which? actually find?
Researchers examined the Android apps linked to certain smart air fryers and noticed a pattern: requests for data that didn’t appear necessary for the product to work.
With the Xiaomi Smart Air Fryer, the companion app was connected to trackers from Facebook, Tencent and TikTok’s ad network Pangle. It also requested permission to record audio, despite the fryer not using voice commands. While the Aigostar smart fryer app asked users for personal information such as gender and date of birth (optional), collected location data, and sent data to servers in China.
Xiaomi disputed parts of the findings and said it complies with UK data protection laws and does not sell personal information to third parties. Aigostar did not comment.
Why are smart devices collecting so much data?
Smart tech has become normal in the home. From doorbells and thermostats to fridges and now air fryers, many devices include apps designed to “enhance” their features. But in practice, these apps often become another source of marketing data. Location, usage patterns, personal details and in some cases audio access can all help companies build targeted advertising profiles.
And it’s not just air fryers. In recent years, smart rings, robot vacuums and wearable devices have all been found to collect or share unexpected information, from movement data to images to stress levels.
The Which? investigation, along with wider concerns about the smart home market, prompted the ICO to publish new guidance earlier this year on how smart product makers must handle personal data.
The ICO’s message was clear: Consumers shouldn’t have to choose between enjoying modern tech and protecting their privacy — especially inside their own homes.
The guidance requires manufacturers to adopt data protection by design and default, meaning they must consider privacy from the very start of the product’s development and throughout its entire lifecycle.
It also tells developers to ask fundamental questions such as:
- Do you actually need to collect personal information?
- Is this permission proportionate to the purpose of the device?
Smartwatches and fitness trackers were also included in the new rules. The ICO warned that information like BMI or fertility data counts as special category data and requires extra protection.
What you can do to protect yourself
You don’t need to throw your air fryer out of the window. But a few small steps can help keep you in control:
- Check app permissions before accepting them. If a fryer wants access to your microphone or precise location, ask why.
- Use ‘deny’ or ‘only while using the app’ when possible. Most products will still function perfectly well.
- Review privacy notices. Especially for cheaper smart tech with companion apps.
- Consider using guest networks for your home Wi-Fi. So smart devices can’t see everything else connected.
You can also report concerns to the ICO — the Uks data protection watchdog — if you believe your data is being misused.
At Join the Claim, we shine a spotlight on issues that affect consumers across the UK, including data misuse and privacy risks. Our role is to cut through confusion, explain what’s happening in plain English, and help people understand their rights.
Smart home tech isn’t going away. But neither should your right to know what’s happening with your personal information.
