They likely buy leaked data that would include things like your full name and email, perhaps an address. Even if an address isn't there, legal data brokers often have your address for a small payment anyways. From there they likely use something like Google Street view.
wispy_jsp
On the android front, if you don't mind using a pixel phone then Graphene OS would be worth checking out. It's a foss non rooted alternative to base android with a focus on privacy and security. The no root requirement means a good amount of apps like banking work properly on it. It vastly expands the app permission system and removes the special privileges to Google system apps, allowing you to remove it or limit them. It also supports sandboxing of the play store and multiple profiles so you can effectively quarantine Google requiring apps.
There's a huge amount variety between the alternative sbc providers, but I'm general:
- some are simply designed not to have various bits of hardware like the camera 22 pin connector.
- some fail to conform to the pis pin out or footprint, so hats won't be compatible
- more commonly, documentation and support is so poor that extensive dev/Linux experience is required to get existing hardware to work
All of this makes it difficult to utilize alternatives without conducting considerable research into many different ones.
And there's also WARs for servelets, uberjars, various means of bundling for exes, native compilation via Graal. Overall quite the ignorant meme.