The first and best measures are not only privacy apps, but a good security education, explaining well the risks and a correct use of the mobile. The biggest segurity hole is ignorance. You can’t avoid with apps the missuse of the Phone by an teen with nonsense in the head. Establishing a strict Kiosk mode on the mobile is not the right way. A localisation app is of course a good idea, also InviZible Pro with permanent enabled DNScrypt is a good protection
It is a big difference to confuse the lack of privacy when an gov can access userdata in the case of an court order with the lack of privacy when private companies can spread and sell userdata. The difference is the right of the user to access and delete his data, which exists by law in the EU, but not in the USA. The EU is far from perfect, but lightyears better in questions of privacy
Microsoft US
Microsoft EU