We are talking about alternatives to Google services. They are very likely infiltrated by the NSA already. So using Google over small VPS providers will give your data to them far more likely. I doubt that the NSA has "everyone surveillance" contracts with every VPS provider out there, even ones in the US... they might only just send letters about individuals they are interested about. Every additional person who has to keep the secret makes exposure more risky.
Anyways, if you do distrust your VPS provider, you can just use it for encrypted backups, and then you'll only have to manage the key.
As for suggested alternatives to DO, there are plenty VPS providers in Europe. 1&1 or Hetzner come to mind. Maye they don't have DDoS protection, but you aren't trying to build a public website anyways.
Anyways, if you do distrust your VPS provider, you can just use it for encrypted backups, and then you'll only have to manage the key.
As for suggested alternatives to DO, there are plenty VPS providers in Europe. 1&1 or Hetzner come to mind. Maye they don't have DDoS protection, but you aren't trying to build a public website anyways.