This is also my recommended way and the only correct way to minimize the risk of data leaking from my phone. So you have to trust the developers of an OS. However, this also means achieving very little comfort because many “useful” apps cannot be used.
Unfortunately, that’s only a small part that I can control. To be even more secure, I would have to forego visiting the Internet. Search engines, internet forums, social networks, internet shops, companies are all waiting for me there. A transfer via PayPal, for example, is shared with 600 companies that you do not know, have never seen and will never see (https://netzpolitik.org/2018/visualisiert-mit-diesen-600-firmen-teilt-paypal -your data/#). Every website with the Facebook link tracks you whether you are a member or not. Big data then allows the anonymous data records to be assigned to an existing person. Try to turn off all access (advertising, cookies, super cookies, trackers, pixel traps and so on) and you can barely use internet sites. It takes a very long time for an interested user to want to protect himself against everything. You can never reach 100%. And you can never achieve that all data records that are circulating about you on the Internet are actually effectively protected by (e.g.) companies, insurance companies, banks. You can only hope that employees at all companies think like you and do the best they can. The reality looks different.
Linking the Internet to a phone eliminates privacy. The modern internet is there to make money. Hundreds of thousands of developers are looking for ways to get your data. Because the web has no real product to offer, it takes your data and sells it. Convenience comes at a high price and consequently the internet has to be seen as a honeypot.
If you are concerned with the security of a phone, you also have to keep an eye on the usage and not just a handset. It’s just a small link in the chain.
That’s what I mean and thank you for your patience with my philosophical reflections