Just using GrapheneOS instead of using Stock Android is a step in the right direction. Many privacy and security features are built in to the OS.
I'd suggest reading through the project's website: https://grapheneos.org/. There's tons of stuff there that can help you understand the OS better and also steer you in the right direction.
One of the best features, I think, of GrapheneOS and AOSP is user profiles. They're very effective at compartmentalizing apps. Like you could think of them as being separate phones, for separate use-cases. Like one for social media, another for GPS navigation, etc.
Truly, it's up to you to decide how you'd like to set up your phone based on your personal threat model.