Yeah, that's fair enough. Security and privacy aren't totally mutually exclusive, but there are absolutely tradeoffs. And security in a modern threat environment and customizability (at root level) are pretty much non-overlapping circles on a Venn diagram.
My perspective is that I want one or two devices in my life, ideally one phone and then either a tablet or small laptop, which are maximally secure and almost never leave my direct custody. I am willing to give up root on these devices to achieve that level of security. Though I'll note that sideloading apps is absolutely possible on Graphene OS.
There are plenty of other general purpose computers at home on which I have root access and can use to tinker and experiment to my heart's content, and which I do not use for highly sensitive personal information (banking, primary email, etc).
The other important difference for me is that, whereas Graphene OS restricts root access for end-user security, companies making locked-down devices withhold root from the end-user in order to keep control for themselves.