In reply to Mick r:
Of the three options you've suggested (Android, ChromeOS or Windows), ChromeOS is definitely the most secure.
Windows is more flexible about the software it runs, which makes it more powerful but also more open to compromise by malicious software. Though to give credit where it's due, it's a lot more secure than it used to be. And I wouldn't pay for AV software any more, I think the free option from Microsoft (Windows Defender or whatever they're calling it these days) is adequate.
Android and ChromeOS both let you install Android apps (and also Chrome extensions on ChromeOS). Barring deliberate workarounds, which you'd have to actively enable, all that installed software has to come through Google's store. But Google aren't all that good at policing what they let into the store and malicious stuff does regularly slip through. You're still pretty safe if you stick to well-known apps from established developers with good reputations. But it's worth thinking about. The key advantage over Windows is that malicious software would only get installed if you actively chose to install it. It would still be more limited in capability than malicious software on Windows potentially could be. And if it was later found to be malicious, Google might choose to wipe it from people's devices.
Given those similarities between Android and ChromeOS, the reason I would recommend ChromeOS over Android is that Chromebooks will receive security updates more regularly and for longer than Android tablets. And you can get a lot more done on one without installing any apps or extensions at all, whereas Android pretty much requires apps for full functionality. Technically, you could do almost everything you can do in ChromeOS in the Android browser, but it would be much more frustrating.
You didn't list Apple iOS but it's arguably even better. I've never owned an Apple device because I'm too much of a cheapskate and I don't like the over-simplification and lack of options. But they do a great job on security and privacy compared to the others. Update policy on a par with ChromeOS and much better gatekeeping on what gets allowed into the store to keep out malicious apps (though they're also more restrictive about keeping out apps that aren't malicious but which they dislike for a variety of other reasons).