Facebook may have gone public, but you can go private.  Even if you only have a few minutes, you can significantly improve your privacy protections on (and off) Facebook with these lucky 7 tips.

I like to know who’s behind the advice I read, so I’ll introduce myself.  I’m Sarah. I’m a lawyer and privacy analyst at Abine, an online privacy startup in the heart of Boston’s innovation district. Privacy is what we do. We build it into our products, we fight to preserve it and expand it, and we really believe in it. I’m a proud privacy advocate, and it’s my job to decipher tough privacy policies and settings and get down to what’s important.

1.  Limit your sharing to friends only

This is THE most important thing you can do with your Facebook privacy settings.  If you’re sharing with “friends of friends,” you’re exposing your info to an average of 150,000 people.  Let’s be serious:  no one has that many friends.  And when your data is open to the public, it can–and does–end up anywhere:  the Girls Around Me app and Spokeo.com are two creepy examples.  You can also use Abine’s Social Search to show you just how much of your info is floating around online.

In Facebook, go to “Privacy Settings,” then select “Friends” or “Custom” under the “Control your Default Privacy” header.  You should also go through each individual section below and make sure that you’re comfortable with its settings.

2.  Stop your friends from sharing your info

Even if your own privacy settings are rock-solid, your info may still be publicly available through your friends.  The career networking app BranchOut provides a good example of how this can happen.  BranchOut requests “your basic info,” plus seven other permissions, including your and your friends’ current locations, your and your friends’ work and education history, and your email address.  Even without your permission, BranchOut can access your data with your friends’ permission.

Go to “Privacy Settings,” then “Apps, Games and Websites,” and edit settings for “How people bring your info to apps they use.”  Uncheck anything you’re not comfortable sharing.

3.  Keep your face out of Facebook’s clutches

After a privacy backlash, Facebook renamed its facial recognition software “tag suggestions,” but don’t be fooled:  tag suggestions are facial recognition.  In Facebook’s own words, “If a friend uploads a photo that looks like you, we’ll suggest adding a tag of you.”  Protect yourself by turning tag suggestions off.

Go to “Privacy Settings,” then “Timeline and Tagging” and select “No One” next to “Who sees tag suggestions when photos that look like you are uploaded?”

4.  Stop Facebook from watching you off Facebook, too

Facebook’s reach is so widespread that protecting your data requires control both on and off of the giant social network.  You know those Facebook Like and Connect buttons you see on almost every website?  They’re not just for sharing:  they’re tracking devicesFacebook buttons can track both members and non-members of Facebook, even if you never click them.  They transmit your clicks, browsing history, IP address, and more to Facebook. 1,992,780 websites currently use Facebook Like buttons, and that number continues to rise.

They’re also expected to launch their own ad network soon to compete with Google, so you’ll start seeing Facebook ads off of Facebook.  Facebook’s Chief Privacy Officer Erin Egan echoed this in a live Q&A video session a few weeks ago, stating, “We may serve you an ad off Facebook.  We have nothing to announce yet, but there was some language in the data use policy that indicated that we may show an ad with a social context or any kind of ad without a social context.”

But have no fear:  our free browser add-on, Do Not Track Plus, blocks social button tracking by default (hey, a little shameless self-promotion never hurt anybody ;).  It stops the buttons from sharing your information even before you click on them.  You can still share, however, but now the choice is yours, not Facebook’s.

To block social button tracking, try Do Not Track Plus for at Abine.com.  It’s available for Firefox, Chrome, Safari, and Internet Explorer.  It’s free, and we don’t track our users or collect their info.  Learn more on our FAQs.

5.  Take control over your tags and your Timeline

Would you rather A), let anyone (anyone, not just your friends) tag you in any photo without your approval; or B), be able to look tags over before they’re posted to your timeline?  If you care at all about privacy, B is your answer.  And yes, anyone can tag you now.  Facebook quietly slipped in this tag free-for-all alongside its tag review feature.

With tag review enabled, you’ll start receiving tag notices.  You’ll see them on your home feed as to-do’s, just like pending friend requests, messages, and comments.  You can then review pending tags and choose whether to approve them by hitting the check mark next to the item.

Go to “Privacy Settings, then “Timeline and Tagging,” and switch ON both “Review posts friends tag you in before they appear on your timeline” and “Review tags friends add to your own posts on Facebook.

6.  Limit the audience for past posts

Think of this button as a 1-stop shop to edit the visibility of all of your past Facebook posts.  Anything that was open to the public or friends of friends will change to friends only.

Go to “Privacy Settings,” then “Limit the audience for past posts,” and click the “Limit Old Posts” button.

7.  Put Subscriber Search on private

Facebook now lets others subscribe to your updates–in other words, whatever you’re posting will show up in their home feed.  Unless you turn off Subscriber Search, your posts are open to the public and anyone can subscribe to you, whether you know them or not.  This also means that your “public timeline [will] show up in search engine results and let anyone look up your timeline by name.”

Go to “Account Settings,” then “Subscribers” on the lefthand side of the screen.  Uncheck the box next to “Subscriber Search.”

Related: Check Out Facebook’s Profile Pages Through the Years.