Open source has existed for some time now. It is also starting to become mainstream, which is great. But it has even started becoming a bit of a gray area, with services going in different directions to feel they have the right to call themselves privacy-friendly. As a founder of the new privacy-focused analytics service, Kindmetrics, I know from own experience.
You should not have to take someone on their word that they will take good care of your data. It will like in a movie—how often does everything end up fine when a character says that they should be trusted? You should have the right to see for yourself if they stand by privacy norms and handle data, both yours and your visitors', as safely as is possible.
Trust only yourself.
If you have audited the project and seen some mistakes or have ideas to do things better, or if you can't code, you can have a feature request. Feel free to join and help push the project forward in the direction you want. That is part of open source. If you need something and know how to code, you can always build it and ask to add it to the project. They should align with the idealogy and plans of the project; those usually exist in the description or the issues.
Take Kindmetrics as an example. Kindmetrics probably has bugs or some miscalculations on the fundamentals, and I am always open to a bug report or a fix by some Kindmetrics user. I cannot be perfect, and open-source help makes the project better for you and your visitors.
That rationale is typically what most companies or people use to justify their decision not to open source. Take Fathom, a competitor to Kindmetrics, as an example. They have an episode on their podcast where they explain why they decided not to make the new version of their service open source because "paid users have to come first."1
Of course, I agree with them, but I don't see this as a valid point to not do open source. Support handles well in open source as well. You can easily handle small issues and support without taking a lot of time. If someone needs more significant help, say, setting up the service, I can offer a support package with time-based or fixed pricing. I value my time, and many open-source services also do this.
If it is the same code base, paid users and open-source users will most likely touch the same bugs, so you will prioritize those that have the most impact. So indirectly you will help both. Kindmetrics is also using docker for deployment and for publishing the service, making it easy to have straightforward releases and deployments.
You won't lose customers as well. Those who self-host would most likely not pay for your service anyway. If they won't, let them use Kindmetrics anyway to build a relationship and make them happy with Kindmetrics instead. They could become ambassadors for Kindmetrics that way.