As services increasingly move online and mobile devices become ubiquitous, mobile applications are widely used by ordinary people with little technical knowledge. Consequently, user privacy has become an essential matter to consider when developing mobile applications. In this paper, we study the privacy of 32 mobile applications provided by Finnish public sector bodies. First, we investigate with network traffic analysis what kind of personal data these application send out to third party analytics services. We then analyze the privacy policy documents of these applications and assess their clarity and transparency. Our findings show that there are several inconsistencies between the actual traffic of the studied applications and what is said about processing personal data in privacy policies. This underlines the need for software developers and organizations to be better aware of privacy regulations and data their applications send out. There is also lots of work to be done in making the privacy policies less vague and more informative, for example when it comes to explaining what technical data items are sent to third parties and how this can potentially affect the user privacy.