Worse yet, the company behind the app, Goldenshores Technologies, has been actively deceiving its users, by introducing an option to opt out, despite the fact that your information would be gathered as soon as you open the app, essentially rendering the option useless. The company has since agreed to settle with the FTC, and should no longer engage in such activity.
This is certainly not an isolated incident, and deceitful apps are likely to only increase in numbers, as shady developers are looking to take a bite from the increasingly lucrative mobile apps market. This, more than anything, should convince you to check the type of permissions an app is requesting twice, before you go ahead and hit the green button. In other words, if a flashlight app requires network access, that should be an instant red flag, though there are exceptions that try to monetize their work in a fair and open way.
If you're having doubts already, you should probably go ahead and install an app like Clueful, which will scan your Android for apps that are a tad too nosy, and help you fix the problem.