"Privacy-focused" unless you need privacy from the EU itself. DNS services know every website your computer connects to before HTTPs comes on, so it's rather sensitive.
Read it rather quickly, but looks fine at least on the surface. Sadly, there is no way I would trust anything as sensitive as DNS with the EU given their dreadful record of creeping surveillance.
Depends a bit on which machine really. Overall, I am more confident trusting a company with a good track record or non-profit with DNS. Mullvad have great offerings with optional content blocking and DNS over both HTTPS and TLS:
If there are other entities (commercial or not) with similar DNS services I would be happy to hear about them.
I find some reactions here to my initial comment a bit puzzling. Yes, the EU has a number of great attempts at getting privacy legislation right. Personally, I even have sympathies for the cookie banners. But it is equally true that we have seen attempts and successes to introduce surveillance measures as well. I remember the fight against the Data Retention Directive [1] and we still have "Chat Control" lurking in the shadows. Thus, I do not think I am entirely wrong in feeling less than chuffed about the prospect of handing all my DNS queries straight over to an entity working directly under the European Commission.
There were many laws on surveillance proposed in the EU context as there are many parties that make proposals. But there's no actual such law in place. And the EU is bound by GDPR and EDPR and actually does a huge circus to respect them, so I'd trust them more than any other party, be it my provider or the mega corps collecting data for ads.
Non-cPIR databases tend to have that problem indeed, and from what I understand cPIR is not practical. So in the strictest sense, this issue will continue to remain and is not reasonable to expect otherwise.
But if someone here is more involved in private information retrieval tech and the likes & knows different, happy to learn more.
In the end, with DNS you have to trust someone, your ISP, the DoH host, or wherever you get the records for running your own resolver. It's not a "Do I want privacy yes or no?" but rather "Who do I trust enough to make these requests through?"
Personally, I'd trust an entity that is under GDPR more than one that is not.
No idea if that's the case, but the two are not necessarily incompatible.