Yeah, that's what I currently do. However as traffic grows in both volume and origin, and can be hard (and expensive) to keep up. That's why a privacy-respecting provider who already has the infrastructure would be ideal.
Unfortunately, every time you use a hosted service it's basically guaranteed you're not going to get any privacy (even if they claim otherwise, see: the amount of people who get v& using no-log vpn providers). Running it yourself is the only way to have certain guarantees about logs and whatnot.