A custom, rooted Android ROM (anything close to AOSP on a device with good community support) with no GApps or Play Services, plus PMP or XPrivacy installed, as well as a firewall like AFWall+ enabled and configured. Install F-Droid and use APKMirror for alternative to Play Store and manual app installs. Install AdAway, and use Firefox with privacy control extensions (e.g. Ghostery, though you may not need it) and user agent spoofer. Disable scripting/use NoScript. Use a no logging VPN to encrypt your traffic.
You may need something like NOGAPPS as a substitute for Google location services. There are apps that won't run properly if you go the full non-Google route. You can also monitor network usage with an app like Network Log, and spoof GPS, mac address, etc with modules on Xposed. Ignore all the ones that do it for Pokemon Go.
I do
some of the above (it's a pain in the butt if you want to go full tin foil) just to keep potential rogue apps from leeching my data; though I do stay away from obvious malware targets like wallpaper apps, I also don't like stuff like games leaking my contact info or other details about me, and it's hard to keep that from happening without at least better permissions controls and a firewall. It's also beneficial for managing data if you aren't on an unlimited plan: some apps I limit to work only on WiFi, and others I give no access to at all (a lot of utility apps and games really shouldn't be using data, but they do). Running a barebones variant of AOSP on a low end device also improves performance and battery life. Google has gotten better with Play Services, but it can still eat up resources in the background.
You could get an Ubuntu phone or install the OS on one of the handful of devices that support it, but keep in mind it's a Canonical product just as
Android is a Google product. I don't suspect either of them of doing anything nefarious (nor do I rule it out) just be aware of it. Also, it doesn't seem to be very polished at this point, nor is there a real guarantee they continue the project. Mozilla just recently killed Firefox OS.
You can also disable or strip out much of the apps, services, and UI of AOSP and run Linux on top of or alongside Android on pretty much any Android device with at least root access, if it's Linux you want.
And if you are leaning more toward security and not (just) privacy, you may want to look at one of the companies like Silent Circle or Copperhead doing secure versions of Android that get updated, or just get a Nexus/Pixel and de-Google it yourself. Again, it depends on who you want to trust.
Keep in mind most of what I suggested doesn't really help "usability", depending on what you mean by that. There's a risk of trading away security for privacy, too: if you root and have an unlocked bootloader, you have to be careful about the apps you install and also have to carefully control physical access to your phone (e.g. don't go plugging it into random chargers in public places, which you may want to avoid doing anyway).