tldr :P ...just kidding friend ;) here are some replies
3.19 [*] Add gigabit ethernet firmware ##### If I read correctly I need that for internet connection and this bianry has just some configuration in it and no excecutable?
That means your Ethernet controller needs a closed source proprietary firmware in order to function.
So this should be not a privacy concerning thing?
Being a closed source this firmware may contain the backdoors or help the backdoor-like functionality of intel me. So yes, this is a privacy concerning thing.
4.2 Display ---> Framebuffer mode (Legacy VGA text mode) ##### I have no idea what to choose here
If you don't know about some setting, just leave it default - usually the defaults are correct, although may be not the best setting. Write down the questionable options somewhere, and if there'd be some problems with your coreboot then you'd know where to dig. In addition, you might check other people's config at coreboot board status reports for your motherboard.
4.6 (0x0000) Override PCI Subsystem Vendor ID ##### What?! 4.7 (0x0000) Override PCI Subsystem Device ID ##### And again: What?!
That probably means if those IDs are different at your specific board you could force them to something different. But better leave them default if you don't have a better idea for them.
##### I'm not sure if I need a VGA Option ROM. In which cases I need it? What disadvantage do I have if I do not integrate a VGA Option ROM? Will I see GRUB when I boot Linux? How could you value that binary in case of privacy and security?
Without a binary option rom you may experience some glitches, some people can't see GRUB although maybe this info is outdated and such problems have been fixed at the latest coreboot. So, like with any other binary blob, you need to check if you could live without it, and only add if you can't.
4.11 [*] Add a Video Bios Table (VBT) binary to CBFS ##### Same questions as for the VGA BIOS image
same answer ;)
5.6 (0x0) UART's PCI bus, device, function address ##### What is that? What I have to insert?
if you don't plan to debug your coreboot with UART (and your laptop probably doesn't have a physical UART) don't need to change anything there
5.9 [*] Support Intel PCI-e WiFi adapters ##### If enabled, will this include a binary in the coreboot image?
no but it will include some workaround for buggy intel wifi controllers that will increase the size of your coreboot image by a few KB . if you don't use intel wifi, dont enable it
6.2 Trusted Platform Module ---> [*] Deactivate TPM ##### I disabled it because of security/privacy reasons. Any disadvantages when I disable it?
if you don't plan to use TPM functionality (which maybe couldn't be trusted because it's closed source soft/hardware) then yes disable it
7.8 Default console log level (0: EMERG) ---> ##### I read that this should decrease boot time. What disadvantages do I have with this setting?
that after your coreboot boots its' log will be mostly empty and you can't see any useful messages at CBMEM console, e.g. which could have been useful if you're debugging some functionality or preparing a bug report
POST code questions ##### What?
like any other bios, coreboot prints some post codes at various booting stages, and you could even insert more prints to coreboot source code if you don't have any other debug methods. E.g. there are some MiniPCIe adapters like Compal MiniPCIe, which are used to display 0xYZ hexadecimal POST code at double 8-segment screen
Hope that helps :)