Fair enough, they sell access to your eyeballs to their real customers, the advertisers.
But, what isn't fair is that it's 807 "partners". This isn't 807 different brands who might want to advertise to you, it's far more than that. This is 807 different "partners" among whom are Google, Meta, ByteDance, Amazon, Alibaba, etc. who then each go on to sell access to their hundreds of thousands of advertisers.
You can't expect to have a meaningful privacy policy when you're sharing that data with 807 different entities.
The way I see it, they have us over a barrel. Unless there’s law on the books that says you can’t do that, your recourse is to pay for email or setup your own mail server. Good luck getting others to trust that though. I guess you could pay for a 3rd party cert.
I run my own mail server. It's a pain in the ass and I don't recommend it. But, trust isn't really the issue, and the only certs I use are from Let's Encrypt.
What about web hosting these days? Time was you’d get email as part of that deal, with your own custom domains. Have they farmed that out to services like Gmail etc?
I don't know of any company that just runs mail servers. If you're running your own mail server, you're likely doing it on a small virtual instance. Adding web to that is easy. If you want a web frontend for email, there are plenty of options, although personally I just use IMAP.