I don't know the answer for sure, but think the global settings are like default settings. Each application can have different overrides. Not sure if the following is the correct quote to make, but sounds like this is how it works: https://docs.flatpak.org/en/latest/flatpak-command-reference.html#flatpak-override
flatpak-override — Override application requirements
If the application ID APP is not specified then the overrides affect all applications, but the per-application overrides can override the global overrides.
I assume you know Flatseal (GUI application for Flatpak permissions), right? After installation of a Flatpak app, you can go to the Flatseal settings and make sure to disable access if the application enabled anything you don't like. I do not think there is an automatic way to force a specific setting for all applications. You have to deal with this per application. But I can be wrong here.