You do not seem to have done anything wrong - what you seem to have discovered is a feature of Debian's multi-user mode. Ubuntu, and therefore Ubuntu-Mate, are based on Debian.
"The beginner handbook - Debian 10 Buster",
states in section 10.2.1
"10.2.1 Limit the access rights of others on your data
If you use Debian in “multi-user” mode, the data of the other users are readable by you, and yours too, by necessity. You may want to restrict the other users access rights to some of your data."
"The graphical procedure is easy to execute (no need to open a terminal):
right-click on the folder > properties > “Permissions”.
Select the “None” option for the “Others” access rights: A window will ask you if you want to apply these modifications to all the files and folders embedded within the concerned folder, and we advise you to accept, in order to protect the full set of data included inside this folder."
Applying this to Ubuntu-Mate,
- open Caja (the file manager), in the left-hand pane select "File System", then in the main pain the "home" folders will appear for all users on the computer.
- Right-click on the home folder of the user for whom you wish to restrict others access.
- Select "Properties".
- On the "Permissions" tab for the "Others" set Folder and File access to "None", and click on the button "Apply Permissions to Enclosed Files".
- Close the the "Properties" window.
I hope that helps.