Your router (or phone when on mobile data) makes DNS requests as you browse the web. By default, though, your ISP sees all your searches and web addresses. You can change your DNS settings for increased security and privacy.
DNS over HTTPS, DoH, is a new protocol that encrypts DNS requests and inter-server traffic. However, logged and cached DNS requests are not encrypted. They’re only encrypted in transit. And of course, most ISPs log everything they can, and they don’t all support DNSSEC and DoH.
But you can set your phone or router to default to using quite a few different free and privacy based DNS servers. Discussed in the article are OpenDNS Home, Google Public DNS, Cloudflare, DNSWatch, and Quad9, along with their DNS IP addresses to use.
I long ago set my router to use Quad9, and my phone had a picklist of options too. Then you just forget about it as it keeps working. Note that on Samsung phones you may be prompted to enter a domain name instead of IP address, and you can find these at https://www.smartphones.how/internet/private-dns-mode-android.
See https://www.howtogeek.com/874773/the-best-dns-servers-for-secure-browsing/