Logging in to various WMF sites may recently have been accompanied by an e-mail informing you that your account has logged-in from an unfamiliar device. This is because the WMF is a privacy liability.
The Wikimedia Foundation is storing private information about you. And that e-mail really is to help you out, by letting you know when your account is used by an unfamiliar device, IP, browser, OS… any of many differing variables. The annoying element of this is you are only just now getting any benefit from what has been a long-standing practice.
But this is a privacy risk. It means the WMF is collecting and storing data about you and your browsing habits. Supposedly the data is anonymized/aggregated after 90 days. Except when it is not. This information can be used to help track your activities across the internet, and to spy on what you are thinking about. It may be in violation of certain national and multi-national privacy laws, policies, and/or treaties, but most importantly it violates the spirit of the wiki community.
That is, there should be an opt-out.
And so far as I can see, there is not.