a few comments about VPNs
A couple notes about VPNs and privacy. Your central point of failure for connected devices at home, from a privacy perspective, is your connection to a host. You access the internet by virtue of being connected to some host computer, typically a machine your ISP runs. Using a VPN simply switches your point of ingress, your "connection point" to the net, through which all your traffic goes (and can be watched or collected)
So to be clear, connecting to a VPN means your traffic to and from websites, mailservers, etc. will all pass through a server operated by the VPN company instead of your ISP. You've essentially shifted a lot of "trust" from your ISP to your VPN provider. Specifically the ability to monitor and record your online activity to some extent. There is much nuance, needless to say.
A major point that must be made is that all VPNs are not created equal. Almost all of them are hot garbage at best, malware at worst. Shady VPN operators date back to the 20th century, where some unscrupulous ones used to simply switch users' IP addresses. Almost all the commercial VPN offerings are shell companies owned and operated by the same few groups, and offer no security or privacy. They simply change your IP address from the one assigned by your ISP to another, nothing more. Is there significant latency? Do they log usage? Do they log traffic data? Do they secure their systems against takeover? (imagine your original IP being re-allocated to some criminal group for example)
Great commercial VPN services offer a lot, however, for security and privacy. Use a VPN when using public Wi-fi. Use VPN when you don't want to disclose your IP. Use a VPN when you want to break geo-restrictions, or shop for price when pricing is geo-based (car rentals, plane tickets, etc) And most importantly, use VPN for privacy - but that requires careful choices.
Running your own VPN is usually a bad idea, and here's why. In terms of surveillance, the traffic coming from that IP address is all yours. That's literally a complete lack of anonymity. The best approach is to invite friends to also use it, so there is plausaible deniability. There is no certaintly about whose traffic is whose, it's all been reduced to probability iff you do not log information, and you monitor it to ensure it remains that way, since the hardware is not under your control.
The best commercial services give you so much more though. Your entry and exit IP addresses are not simply changed, your traffic is routed through their internal network. This may even entail routing the traffic through a Tor circuit if you don't mind some latency. The best services do not keep logs or billing info. Modern VPNs can look more like edge networks, or even overlay networks these days. It may be worth a second look.