Besides /e/ os, I would also recommend graphene and calyxos.
Calyxos works similar to /e/os in that it uses microg to get things working, but calyxos is more up-to-date and secure.
Graphene os uses sandboxed Google play, which sounds bad, but the play services is confined to its sandbox, basically graphene os will simply feed it garbage telemetry unless it is absolutely necessary for the system to function.
/e/ os supports more devices (not just pixel like the other two), have their own SSO cloud service based on Nextcloud, and they support device that is outside of the support period of manufacturer (this also hurts security, as firmware cannot be updated without the OEM supporting the phone). But there is always a trade-off between security and longevity, given that most OEM only support a phone for couple of years now.
Ironically, the most privacy friendly android hardware is Google Pixel, mainly because it can install graphene/calyxos