I would recommend formulating your threat model before doing anything else. There is a lot of materials on the topic on the world wide web, but for starters, ask yourself and answer the question, what information about yourself would you like to keep secret and why.
Again, before anything else, subscribe to an email alias service - maybe there are free ones out there too, I don’t know. This way, you don’t have to share your real email address and you can turn off or even delete that attack vector at anytime.*
Finally, regarding Bandcamp, I have never uses it myself so my understanding of your situation is poor to say the least, but are not able to simply save the links in a text file? Again, I’m not trying to play down the situation, I just don’t understand it.
*This is basically what I do with almost all my services that need registration: I give them an email alias, a randomly generated cyberpunk name and create a 30 characters long password with a password manager. The only services where this doesn’t anonymize you are those that require your payment information, which is often tied to your real identity. Had I been living in the US, I would have used those anonymous prepaid debit cards that work like email aliases, but for your debit or credit cards.
It’s late and I need to sleep so I’ll just paste some links for now, but you are talking about such a wide variety of issues that’s it kind of hard to give a short, succinct answer.
Some privacy tips that I follow, by Naomi Brockwell: https://www.youtube.com/playlist?list=PLt3zZ-N423gXV-0pdxnRn-nw0WzVKh4NY
Same, but by Rob Braxman: https://www.youtube.com/playlist?list=PLKqVMfkpsufHUWAwU9nnkHnhSRH1TBgF3