You can't lock down all the things all the time--it's the digital equivalent of hiding in a bunker. Build a personal protection plan that makes sense for you. Start your security assessment with what's known as a threat-modeling exercise. Ask yourself what you want to protect and from whom, and estimate the likelihood that the specific parties would compromise your data. Everything else, you can sweat a little less.
Complicating these privacy concerns is the use of "first party" cookies and "third party" cookies. First party cookies are set directly by the website itself. If a website hires an independent company who itself provides a cookie for a browser when user visits that site, that cookie is called a "third party" cookie. In that instance, the independent company presumably saves the data collected by the cookie and, the website has less control over that data. Third-party cookies, many experts conclude, protect visitors' privacy less than first party cookies.