Earlier this month, a test conducted by the Leviathan Security Group showed that even "no-permissions" Android apps can access potentially sensitive data on your phone -- and transmit that data elsewhere via your phone's Web browser.
When you land on a website with social login enabled, you should be presented with a permissions screen that explicitly asks for access to certain types of information about you.