Recipients are uncontrolled, of course. The point of switching was twofold: 1. Google can't mine my information out of my email. 2. Switching where I read my emails is as simple as switching a service (or hosting my own) and changing the MX records to point at that. As for the VPN, since it's my connection going through it and low-end VPSes are shared hosts, it gives a new threat surface - an attacker can break through the container or a rogue sysop can monitor my connection through there. For VPNs I prefer to control my own hardware and know where the pipes are. A low-end VPS with a VPN server running presents the same threat surface as a commercial VPN, with the added bonus of having a shared host be able to break the container or DDoS me indirectly.
Gotcha, I was mostly wondering if you were requiring recipients to follow a link to ProtonMail to read the email. Years ago I had considered starting an email service that would convert text to images to prevent casual mining by the recipient's provider. For me a nice side benefit has been the ease of creating disposable addresses. I give every company a unique one and throw them away if they start getting spam. It's surprising how many unreported breaches of customer databases that's turned up from major companies. I feel like with a commercial VPN there's a greater risk of a run-of-the-mill breach exposing usage logs. On the other hand, someone targeting a generic VPS datacenter is probably looking for something higher value than exposing the small fraction of people rolling their own VPNs. If you're worried about a rogue sysop or someone with the skills to break out of a container targeting you specifically, wouldn't you have to be just as worried about your packets being monitored within the datacenter after they leave your dedicated hardware?