These days I'm also worried about US companies having my data. I hate that we're at that point, but with Trump talking about taking an ownership stake in AI companies, and tech companies, including the leading AI companies, lining up to participate in the war crime of the day, I don't have a lot of faith my data is any safer with US companies than those in China.
Though, I added Mistral's latest model to the mix in the hope that some European model could be a contender, but it failed completely. I don't know if it hit safety guardrails or is just not competent at security work, but it scored 0/9. No errors, it returned the empty JSON set it was supposed to return if it didn't find anything. But, there were plenty of real bugs to find, and some very small self-hosted models found at least some of them.
I think it is a bit naive to assume that companies that have built their moats on violating copyright, scraping and ddosing all of the internet, and distilling each other's models will not leverage our data if they can have financial benefits out of it.
I don't think that the country matters, whoever you send data to among these AI labs you are at security risk and data risk.
I hope that someday there are AI companies for whom ethical behavior is a selling point. We're certainly not there for the current leaders, though vibes vary a little bit between them. Some seem scarier than others.