When You Uninstall a Mac App, Do Its Permissions Go Away?

You drag an app to the Trash, empty it, and assume that’s the end. The app is gone. But the permissions you granted it — Camera, Mic, Files & Folders, Screen Recording, the lot — usually aren’t. Open System Settings → Privacy & Security after a few months of installing and uninstalling things, and you’ll see ghost entries for apps that no longer exist.

Here’s what actually happens when you uninstall, what the leftovers mean, and how to clean up properly.

What drag-to-Trash actually removes

When you drag an app from /Applications to the Trash and empty it, the following gets removed:

• The app bundle itself (the .app package in /Applications)
• That’s it for the obvious stuff

What stays behind:

• Preferences in ~/Library/Preferences/<bundle-id>.plist
• Application Support in ~/Library/Application Support/<app-name>/
• Caches in ~/Library/Caches/<bundle-id>/
• Logs in ~/Library/Logs/<app-name>/
• Saved Application State in ~/Library/Saved Application State/<bundle-id>.savedState
• Sandbox containers (if the app was sandboxed) in ~/Library/Containers/<bundle-id>/
• Group containers in ~/Library/Group Containers/<bundle-id>/
• LaunchAgents and LaunchDaemons in ~/Library/LaunchAgents/, /Library/LaunchAgents/, etc.
• Privacy permission entries in the TCC database (managed by macOS, not user-editable directly)
• Login items and background items (in System Settings → General → Login Items)
• Helper apps installed under /Library/PrivilegedHelperTools/

The privacy permission entries are the ones most relevant for a privacy audit. Even if the app is gone, the OS still holds an entry for it in the relevant TCC pane (Camera, Microphone, Screen Recording, etc.).

Why permissions linger

The privacy database in macOS — sometimes called TCC (Transparency, Consent, and Control) — keys entries by the app’s bundle identifier and codesigning information. When the app file goes away, the database entry doesn’t auto-purge. It sits there with a greyed-out icon.

There are a few reasons Apple hasn’t fixed this:

1. The app might be temporarily missing (a failed update, a moved bundle) and shouldn’t lose its grants.
2. Some apps install background helpers that outlive the main app bundle.
3. Manually-removable rows give users explicit control over the cleanup moment.

The result is that uninstalling cleanly takes more than a drag-to-Trash. It takes either a manual cleanup of the relevant Library folders, or a tool that does it for you, or a thoughtful pass through System Settings to remove the ghost entries by hand.

How to remove ghost permission entries manually

For each privacy pane where the uninstalled app might have had a grant:

1. Open System Settings → Privacy & Security
2. Click the relevant pane (Camera, Microphone, Screen Recording, Accessibility, etc.)
3. Find the entry for the now-uninstalled app (icon will be greyed out)
4. Select the row
5. Click the minus button at the bottom of the list
6. Authenticate with Touch ID or password

Repeat for each pane. The most common ones to check after uninstalling something:

• Accessibility
• Screen Recording
• Input Monitoring
• Files & Folders
• Full Disk Access
• Camera
• Microphone
• Automation (under each parent app)

Audit your permissions in one screenSweep shows every app’s permissions on one page. Revoke in one click. Get Sweep free →

What about the file leftovers?

These are less of a privacy concern (the app is gone, nothing’s reading them) and more of a cleanliness one. But some leftovers can resurface as privacy concerns later:

• A LaunchAgent that’s still loaded can keep an old binary running. If the binary still has permissions, those could be active.
• A login item that’s still configured will start the helper at next login.
• A privileged helper tool installed in /Library/PrivilegedHelperTools/ runs at root and can outlive the GUI app that installed it.

To check for these:

ls -la ~/Library/LaunchAgents/
ls -la /Library/LaunchAgents/
ls -la /Library/LaunchDaemons/
ls -la /Library/PrivilegedHelperTools/

If you see .plist files referencing the uninstalled app, those are persistence vectors that didn’t get cleaned up. You can remove them:

launchctl unload <path-to-plist>
rm <path-to-plist>

For privileged helpers, you typically need sudo and the app’s documented uninstaller (some apps ship one even though most don’t). If the helper is misbehaving, reach out to the developer’s support or do a clean reinstall.

How to do a properly clean uninstall

The best practice for uninstalling a third-party Mac app:

1. Quit the app
2. Drag the app from /Applications to Trash
3. Empty Trash
4. Open ~/Library (Finder → Go menu, hold Option, click Library)
5. Search for or remove the app’s folders in:
   • Application Support
   • Caches
   • Containers
   • Group Containers
   • Logs
   • Preferences
   • Saved Application State
6. Check /Library/LaunchAgents, /Library/LaunchDaemons, /Library/PrivilegedHelperTools for related plists
7. Open System Settings → General → Login Items and remove any references
8. Open System Settings → Privacy & Security and remove ghost entries from each pane
9. Restart the Mac

That’s a lot of steps. Most users don’t do them, which is why drift accumulates. Tools that handle this — built-in uninstallers from some apps, third-party uninstaller utilities — exist because the manual process is genuinely tedious.

See what your apps actually accessSweep surfaces every camera, mic, file, and location permission on your Mac. Download Sweep free →

Apps that ship their own uninstaller

A few categories of apps install enough system-level pieces that they ship dedicated uninstallers:

• VPN clients (NordVPN, ExpressVPN, Mullvad)
• Antivirus and security tools (Sophos, Malwarebytes)
• Backup tools (Backblaze, Carbonite)
• Cloud sync apps that install kernel extensions or system extensions (Dropbox sometimes)
• Virtualization tools (Parallels, VMware Fusion)

For these, always use the developer’s uninstaller. Drag-to-Trash leaves substantial system-level leftovers that can affect performance and privacy.

What about the App Store?

Apps from the Mac App Store are sandboxed and follow stricter rules. When you delete an App Store app via Launchpad (click and hold, then click the X), macOS does a more thorough cleanup — sandbox containers and most associated files go too. But the privacy entries in TCC still don’t auto-remove. Same problem.

The App Store deletion path is cleaner than direct-download drag-to-Trash for file leftovers, but no different for permission leftovers.

Codesigning and reused entries

The TCC database keys entries partly by codesigning identity. If a developer rotates their signing certificate, an old grant becomes invalid and the new version of the app re-prompts. This is why you’ll occasionally see “wants to record your screen” prompts re-appear for apps you’ve used for years.

It’s also a reason ghost entries can persist beyond simple uninstalls — the entry is keyed to a specific signing identity and the OS is conservative about cleaning them up in case the developer just resigned and you’ll be reinstalling.

A reasonable hygiene rhythm

You don’t have to clean up after every uninstall to keep your Mac in good shape. A practical rhythm:

• Quick audit of Privacy & Security every 90 days
• Full uninstall ritual (the 9 steps above) only for apps you’re certain you won’t reinstall
• For apps you might reinstall, ghost entries are harmless until they’re not

Skip System Settings — see it all at onceSweep collapses the privacy maze into one screen. Try Sweep free →

The short answer to the headline question: no, permissions don’t go away when you uninstall a Mac app. They linger as ghost entries in the privacy panes. The cleanup is straightforward but manual. A periodic audit catches them, and a proper uninstaller — first-party from the developer or a third-party tool — handles the file leftovers that drag-to-Trash misses.