The best phone model is the latest, due to longevoty of support it recieves. 7th Gen Pixels basically until the 8th is released. (While Fold is latest release it's internals and price are prohibitiven for most and is a first gen release of the type too).

Best practice for privacy is to, without trying to be pedantic here, use the device in its default state without any apps or services.

It is down to individual users to decide what information they supply, genuine or salted etc.

One approach is to keep the owner empty and as is unless you hit a road block requiring it's use just as an admin user to configure certain settings only the owner can.

Use a separate secondary multiple user profile for day to day with open source low footprint apps such as password manager, TOTP app etc

Regards sandboxed Google Play and apps depending on mostly Google Libraries and FCM for push, using a dedicated user that isn't the owner is a good approach as each user is considered like a separate device.

Anything else let me know however the above is only one option. What you do could depend entirely on your preferenxe and threat model.