Most important and super privacy/security related topic: DNS. Instead of choosing a public one. Host your own infrastructure. You don't need public instances. Just run ADGUARD or unbound/dnsmasq/dnsdist in recursive mode on your router or machine. And you can set limits and block-lists to your needs.