I got Tutanota on Christmas for €36 for a year, its nothing special but i dont mind paying €3 /month to not have my emails data mined and custom domain support. Some things to note:
You can log into your account using any of your email aliases(None custom) and you cannot delete email aliases you can only disable them.
The email domains do not look very good in English speaking countries.
You cannot use it with Thunderbird.
The web client ui isn't very good
500gb of email storage is useless.
While Tutanota does offer end-to-end encryption you should rather use pgp to encrypt your email's contents instead, there's a great program called kleopatra that makes this simple.
You can use a already logged in device to approve the 2fa request.
Thanks for the reply, my concern for question 2 was if someone knows my domain they could discover my paypal account just by searching paypal@MyDomain.com if i where to follow that naming system which most people seem to do. Some services let you search by email.
If you're worried about slower speeds and higher ping you can split tunnel applications so they wont be affected by the VPN i do this for things like games and freetube(doesn't seem to work with my vpn enabled).
Make your main browser secure and private and use tor/mullvad for anonymity.