Regarding privacy breaches I agree with your tips but its not Google play specific. Fdroid apps can do the same and random apks from links or github can be worse.
It is always needed to check well an soft (Exodus Privacy, reading PP/TOS, permissions in the phone…), independing from where you download it, but certainly apps from Google Play are not the same as from F-Droid or their corresponding homepage. eg.I mencioned InviZible Pro, which from Google Play is an castrated version, without the original adblock function, same also in other privacy apps. Google Play is the worst place to download an app, always use it as last option if possible. Adding also the need to use an AV in the phone, eg.BitDefender is a good choice, even the free version, because the Google Playprotect is absolute trash, which protect against nothing. Apk from the Play store with malware are only removed after claims from affected users.
Regarding privacy breaches I agree with your tips but its not Google play specific. Fdroid apps can do the same and random apks from links or github can be worse.
It is always needed to check well an soft (Exodus Privacy, reading PP/TOS, permissions in the phone…), independing from where you download it, but certainly apps from Google Play are not the same as from F-Droid or their corresponding homepage. eg.I mencioned InviZible Pro, which from Google Play is an castrated version, without the original adblock function, same also in other privacy apps. Google Play is the worst place to download an app, always use it as last option if possible. Adding also the need to use an AV in the phone, eg.BitDefender is a good choice, even the free version, because the Google Playprotect is absolute trash, which protect against nothing. Apk from the Play store with malware are only removed after claims from affected users.