I've worked in the IT security field for quite a while, this is what I personally do to protect my privacy:
1. No social media. This forum is the closest thing to social media that I use.
2. Gmail - I use Gmail daily for email, contacts and calendar entries, however I keep it completely "unclassified". Anything sensitive is stored offline on my NAS and never traverses Google's servers.
3. Keepass everything - Every single service I use has its own unique password. All account information is stored in Keepass with a very strong password.
4. Use AdBlock Plus and Ghostery plugins for my browser (Opera). I don't use Chrome. I also clear cookies upon exit.
5. I too use pfsense but for network-wide ad-blocking, I use Pi-hole.
6. Run "Fake GPS" on my Android phone. Not only does every application think I'm in an entirely different state, it messes with Google's data collection, especially when it tries to link my location (based on my search history, IP etc...) with GPS data from my phone when on Wi-Fi. Sometimes I'm in Sydney, other times I'm just "Somewhere in Australia". I usually block most things, but feeding fake information back via location services is great.