I am transferring my website from Wix (I know, I didn’t know any better at the time) to Wordpress and to self host in on a Freedombox. Currently domain registration is also handled by Wix, but I am looking to change this too.
What are the privacy considerations here, if any?
How does anonymous hosting compare to self hosting?
And any thoughts about domain privacy protection?
I’ve hear from others, and from the old site, Njalla is supposed to be good but the problem I hear is that you do not own the domain technically and Njalla will own it for you so that your records are kept secret on their part.
I’ve gone the route of CloudFlare, sadly. Its BigTech and quite honestly I’m somewhat on the fence about it.
TOSDR have them at Grade D. Meanwhile Njalla is not rated with noticeably fewer issues marked yellow and grey. 1984 hosting is also in TOSDR but it is empty at the time of this posting. I know TOSDR is not a good indicator of good adherence to security and privacy by companies. We could also go for their historical behaviour and to be honest, if you go searching for bad behaviour, any bad behaviour, you will find it online.
So I am curious on other’s take.
I elected to go with PorkBun for my domain registration. They’re a small business, so I am able to trust they’re not doing any big tech things with my data, and they shield my info from other entities. The biggest plus? The couple of times I needed support and called their number a real person picked up - and that real person was very friendly and helpful every single time.
There is no zero-trust way to register a domain (as far as I know), so this seemed like the next best thing.
I can’t speak to hosting - so far I’m only using the domain for email.
With some ccTLDs you can (only) register them at the trustee / administrative entity. That way you only need to trust them and not another registrar additionally. For example ISNIC (for .is domains) allows this, and their Whois will not show information about you unless you explicitly enable it. You still need to provide it to them, though, but that allows you to actually own the domain yourself unlike when using Njalla. Everything else, name servers etc. you can run yourself and don’t have to put trust into other entities.
For domain registration, privacy mostly comes down to:
Who is listed as the registrant (you vs proxy)
Whether WHOIS is redacted
How much you trust the registrar with your real details
There’s no way to be anonymous from the registrar/registry and still truly “own” the domain. WHOIS privacy just hides you from the public.
If you don’t want a lease/proxy model like Njalla (where they are the legal registrant), look at standard ICANN-accredited registrars that:
Include WHOIS privacy by default
Support strong 2FA / hardware keys
Have clear renewal policies
Examples:
Porkbun (US, think twice)
Trustname (EU-based, great option)
NiceNIC (Hong Kong) - non-US jurisdiction too
Avoid at all costs 0 GoDaddy, Namecheap, and other mass-market registrars
Hopefully you are not affiliated to any of those. 
As others mentioned, domain privacy is tricky, some registrars like Njalla will register the domain on your behalf so your info never appears, but the trade-off is you don’t technically own it. For standard registrars, WHOIS privacy is the best you’ll get but your real info is still known to the registrar themselves.
For hosting, I’m the founder of Servury - anonymous hosting with no email/identity required and crypto payments is exactly what we built it for. That said, 1984hosting and Njalla are also solid options worth looking at depending on your threat model.
If you buy a ccTLD like .de, .ch, .at, .us and so on.
Might it not be better to go to the actual Registry and buy the domain from them? Most Registries are also Registrars.
At the end all others are just resellers and I see no security or “owning” benefit of using resellers.