Comrade, privacy is quite a bit more than metadata tracking and such. In the modern internet, it really depends on what you're trying to hide from, and how much you're trying to hide from them. Identity theft? Just use 2FA for everything, have a local password manager randomly generate passwords, and don't click on suspicious links. The NSA? Burn your SSN card, convert any and all payments or savings to cash, Monero, or precious metals, wear anti-camera facepaint when you go outside, put rocks in your shoes so you walk funny around Flock Cameras, don't carry any mobile technology that isn't fully open source or made after 1995, and line your clothes and walls with tinfoil or lead.
In being a bit less hyperbolic, and assuming you mean staying private from government, private corp surveillance, and law enforcement orgs as much as possible while also being able to keep your sanity (something I'd be very jealous if you managed to actually keep), you should take a read of the following. Fair warning, walls of text.
1. Operating Systems
ANY AND ALL operating systems you use should be open source. This means no Windows, no iOS or non AOSP Android operating systems. It's a Linux distribution (Pop! OS is good for beginners) and some FOSS (free and open source) Android phone OS for you. A phone with GrapheneOS, CalyxOS, or /e/OS is your best bet. Fair warning, GrapheneOS can only be installed on Google Pixels. If you're scared to download the operating system yourself and in an area that gets coverage for it, I would get a Fairphone that comes preinstalled with /e/OS (or wait for the 2027 Motorola flagship GrapheneOS phone, but by then anti-privacy laws will have likely fucked everybody lol). If you're hiding from the feds, you especially want to make sure that your data is encrypted, so get LUKS2 Full Disk Encryption for Linux systems at install (it is almost always an option in the install GUI). Make sure your phone always requires a secure Password or PIN to unlock and that you have Full Disk Encryption or File-Based Encryption enabled on whatever Android OS you're using. Do not use Biometric (Face or fingerprint) unlocks. Aside from potential privacy concerns—which may be a bit overblown in certain circumstances—they are big security gaps as anyone can lift your fingerprint from a cup or table. The cops especially can get your biometrics whenever they want you in particular.
2. Email
Email is... not private. There is no way to make email truly private, it's simply a form of communication not designed with that possibility in mind. 'Private' email providers will give over whatever metadata they have on you or sell you out the next time you log in when government push comes to shove. The best way to make email privacy respecting is to not do sensitive communication over it at ALL. Just pick the best and most convenient option for yourself. ProtonMail, TutaNota are fine. Migadu allows you basically unlimited aliases and is a pretty good alternative to those two. If you wanna get somewhat technical, you can purchase a domain name and self host your own email service and run it through Thunderbird with encryption on. Alternatively, you could get just ProtonPass premium or anonaddy which also allow for unlimited aliases in tandem with ProtonMail/Tutanota.
3. Communication
All communication you have, but especially sensitive communication should be done through, Open Source, End to End Encrypted services like Signal, Matrix/Element, Briar, or Threema (DO NOT USE WHATSAPP). The less centralized the better. All apps you use should be open source, and any non open source apps should be heavily limited in permissions by your (FOSS) operating system or cut off from the internet entirely unless absolutely necessary.
4. The Internet
In terms of connecting through the internet, you should be using a VPN at all times. ProtonVPN is fine for newbies, but try to stay away from keeping everything in the Proton suite (also generally just don't trust corps). The day they sell out will put you into a panic if you rely on them too much. Mullvad, Windscribe, Hide.me, AirVPN, and IVPN are good VPN services (take IVPN with a grain of salt as I have looked into it the least). For maximum privacy you should pay them in Monero or cash mailed to them with no return address. Let's also not bring 'vote with your wallet' bullshit into a leftist space. Mullvad had a recent controversy for a cofounder funding a far right party. Thing is, they give a battle tested service for a great price, and allow cash payment. Every company plays into this system in some way anyways. Also look into setting up PiHole or NextDNS to block outbound signals from trackers and keep your internal network nice and clean.
5. Web Browsing
Don't use Chrome, OperaGX, Safari, Edge, or any other big time web browser. Only use, as previously mentioned, open source software. I like Waterfox as a daily driver, but there are still good options out there. LibreWolf and Zen Browser are also recommended for desktop and Vanadium or IronFox for Android. Keep an eye on Ladybird browser as it is built from the ground up off of neither Chromium (Google) or Gecko (Firefox) and set to have an alpha release this year. Make sure you read up on what a DNS is and the potential leaks that it can cause when behind a VPN. When you download a Firefox fork of choice set your default search engine to DuckDuckGo, or if you want to be techy selfhost SearXNG. Of course, get uBlock Origin and trick it out with a nice set of antitracker additions, also get LibRedirect so that, if you so desire, you can access things like YouTube, imgur, and Reddit without touching proprietary tracker-heavy Javascript. If you really hate the idea of your browser being fingerprinted, which is very hard to mitigate completely, consider getting JShelter. Both JShelter and LibreWolf are known to cause some sites to break, so be prepared to fiddle a little bit if you need to. TOR is the only truly anonymous web browser, but it's slow, breaks everything, and definitely should only be used for highly sensitive actions.
6. Compartmentalization and Physical Security
When using the same device, web browser, or even desktop user profile extended period of time, you give off unique identifiers that can be traced from site to site. The best way to mitigate this is to compartmentalize your activity. For example, you can only use basic Firefox/Waterfox for innocuous activities—like scrolling instagram or shopping for clothes/on Amazon—that require you to log in. You can use LibreWolf for activities that are more sensitive, like looking into therapy, reading theory, researching medical conditions, consuming porn, etc. For highly sensitive activities you could go as far as using TOR. This logic applies to everything. You can have a crappy old Huawei trap phone for organizing people in your community and a sexy new cutting edge iOS phone for just talking to family or scrolling Twitter. On your computer (or your new FOSS Android operating system wink wink ;)) you could set aside a profile specifically for gaming, or even partition your hard drive/get an external drive with another Linux distro installed specifically for that purpose. Browsers like Waterfox can allow this to a smaller scale with container tabs for work, banking, and shopping. The only rule is that you must be careful with how you compartmentalize. Remember that old Huawei trap phone? Yeah, when you're not using it, it stays in a Faraday Bag. You don't connect to public WiFi with it. You don't put a SIM card in it unless that shit is a secure SIM provider (whole new can of worms) or a prepaid SIM paid for in cash or Monero. You don't even text mee-maw on it, that's what the iOS phone is for. You may as well seal that Huawei in fresh concrete every night and break it out in the morning. If you extend something like this to laptops, where you're doing something highly sensitive, you can even buy a kill-cable that scrambles your data or locks it all down it is suddenly disconnected.