This helps ensure that your posts can only be seen by who you want. Unfortunately this isn't something you can turn on yourself.
(Psst! It's enabled on spookygirl.boo, a server just for sex workers!)
Get to know the kinds of post visibility you can pick.
The first is "Global", this is roughly the same as Twitter default privacy and is pretty easy to understand. Next is "Unlisted," this one is trickier but it's essentially "my followers and the followers of anyone who boosts the post." Next is "followers only" which is pretty obvious with one caveat: if you don't have follower approvals turned on, this is basically the same as "Global," since anyone can follow you. Last is "Mentioned people only" which is how DMs work here.
Consider using automatic post expiration.
Mastodon allows you to set up your profile so your posts auto-delete after some amount of time that you choose, unless it has some number of favorites or boosts, etc. It can help you out by limited the amount of free pics people can get from your profile and keep those old rant posts from being dug up.
True on twitter, true here too: block early and often.
The dark secret of the fediverse is that it only has theoretically better moderation than corporate platforms, but in practice it's worse right now. There's just as many bad actors here as there are elsewhere, and there's no algorithm that automatically helps deal with them. The upshot is that mass-blocking is easier. You can block entire servers instead of just individuals. The Bad Space can help you decide if a server is worth blocking, though bear in mind that it's still itself in development.
Really important fact about blocking: it's most effective when your server has authorized fetch (see no. 1 above) turned on. Without authorized fetch, posts with global or unlisted visibility can still sometimes be seen by people you blocked! This is why authorized fetch is the very first privacy tip in this list.