What I do is to run the exiftool to strip all the metadata from the image. Next, I check if there are any identifying details in the image like landmarks or background details (e.g. stuff on my whiteboard). And finally I check for the unwanted reflections or for the setup that could be recognised outside the community I share the photo with. Last but not least, I never share a photo in more than one place.
I don’t upload photos of myself or my environment to public websites. The only people online who have seen me are two close friends on Discord.
When uploading my art I admit I’m somewhat paranoid about it since my art has been stolen once already, and I like to keep the files associated with my art archived just prior to uploading as a point of reference.
Which means your two close friends & the corporate Discord data harvester.
With friends I can at least tell them to use a privacy-respecting or self hosted option, but I still don’t understand how businesses actively prefer US-based, proprietary services such as Google Meet for meetings. Do they really think Google & others aren’t record & training on their private business meeting data?