Bitcoins indeed have much worse privacy than cash.
As you outline, if people use the worst possible privacy choices the privacy is ridiculously bad. It does not have to be that bad.
The current best practice for on-chain transactions (as in not all the layer 2 stuff needed to scale) is to use a new address for every incoming transaction. That way a shop would not have one address but thousands, none of which your employer can easily know about.
This type of privacy is still not anywhere near cash. To get that type of privacy you would need to mix your coins with others. Essentially putting all the coins into a sack, shaking it, then handing out coins to everyone. It is not perfekt but we are getting to cash like levels of privacy. Cash is not perfekt either, bills have serial numbers, etc.
The elefant in the room is that for most people what will really matter is the layer 2/3 solutions and what properties they have. On chain transactions does not scale to planet level. The thinking these days is that the bitcoin blockchain should be used more like a court and less like the ledger it was initially intended to be.