Great advice, but…

DuckDuckGo is hosted in the US. All your data is a court order away… Better use StartPage, or Qwant (or both).

2FA on Gmail still leaves all your data (and basically all your life) in Google’s hands ProtonMail is one of the best altetnatives. (It’s Swiss hosted, security *and* privacy focused.)

TOR is a placebo, its exit nodes cannot be trusted. Use a secure VPN instead (the makers of ProtonMail also do VPN, with no logs, there is a free basic version too). If you need TOR to access .onion sites, they offer TOR over VPN too.

Full disk encryption should really be a default for anyone. There is also a little piece software called Cryptomator, that will automagically encrypt any data you send to cloud storages, like DropBox or GoogleDrive, so it lives in the cloud in a secure format.

But the most important bit you’ve missed entirely. If you use a proprietary OS, like Window$ or MacO$, your data, habits, actions etc. are under constant surveillance. (Micro$oft is known to have backdoors built in to Windoze since at least the XP variant, and while the fruity competitor seems to be somewhat better regarding who they share your data with, you never know what *they* will do with it. Linux or various BSDs offer better privacy, and security overall, while being open source and auditable, and (usually) not in the hands of for-profit corporations. (Forget Ubuntu and derivatives, and go with Debian. Here’s a handy guide to get started.)