Spotify offers an API that lets other websites and applications access your music and data. That can be a cool feature if you're using it to integrate music with other tools, like Shazam or Sonos. But, when you're finished, it's probably a good idea to restrict access to the most essential apps.
On a laptop or desktop computer, head to Spotify's website. If you're not logged in already, go ahead and click "Log In" in the upper right-hand corner, and then enter your credentials. It doesn't matter if you're using a standard email account or a Facebook connection to log in.
After you've logged in, you'll see your main account information page. Click the "Apps" link near the bottom of the left-hand column. In some cases, you'll first need to click on the three-line menu button in the top-right corner and select "Account."
The "Apps with access to your Spotify information" page shows a list of all the applications you've granted Spotify permissions to interact with. If you want to remove an app's permissions, just click the "Remove Access" button to the right of that app. Afterward, the app will no longer have access to your Spotify data.
There is one thing to keep in mind, though. Revoking a third-party app's access to your Spotify account only stops that from collecting new information from that point forward. It doesn't mean that the app will delete the data it's already collected---and indeed, it's probably best to assume that it hasn't. Delete your account with that third-party app, if possible, for extra security.