The first and best measures are not only privacy apps, but a good security education, explaining well the risks and a correct use of the mobile. The biggest segurity hole is ignorance. You can’t avoid with apps the missuse of the Phone by an teen with nonsense in the head. Establishing a strict Kiosk mode on the mobile is not the right way. A localisation app is of course a good idea, also InviZible Pro with permanent enabled DNScrypt is a good protection
If a soft or service is trustworth or not, only depends on the author and the community behind. Nothing worse and dangerous than a software unattended or abandoned by the author, more so if it is OpenSource, where it is easier than in closed source that an asshole add or modify some lines as a little gift,when there is nobody to control it. FOSS is great in new projects, because allow to an coope developement and the access of needed resources, but it isn’t necessarly sinonym of privacy and security, most APIs included in a huge amount of soft are OpenSourcemade by big companies, like Google, Microsoft, Facebook, Amazon and others and not precisely because privacy. Adding also a huge amount of FOSS made by these companies. The normal user only can relay on the TOS and PP, or audit the product with Blacklight, WebbKoll, DomainDigger and similar.