Hi wasmitnetzen. I don't want to discourage you from self-hosting OwnTracks, but I would like to clarify one thing about Zood Location. The server doesn't store any location data in plaintext. Your location is encrypted before it leaves your phone in such a wat that only the intended recipient can decrypt it (Zood can't view it). That encrypted payload is placed in a drop box on the server for the recipient to pick up later. Newer payloads of encrypted location info will then overwrite the old data in the same drop box.
A case could be made that hosting an instance of OwnTrack with your location data in the clear on a VPS somebody else controls is less safe than storing it encrypted on someone else's server.
I'm not saying Zood isn't safe to use, but security isn't binary, and a centralized service is always a more lucrative target than a self-hosted one just because there is more data there. And it's also not just a technical question - what stops you from being acquired by $MEGACORP, pushing an update which removes the E2E and start mining the data? That (the acquisition, not the E2E removal) actually happened to me before[1] with a location tracking app.
I don't know of any legal way to guarantee that a company won't be acquired, and start exploiting it's user base, but I think there are some signs you can look for to see if it's the kind of company that you want to patronize. In the case of Moves, it wasn't open source and didn't offer end-to-end encryption. Privacy and consideration for its users was never in its DNA.
If Zood offers Moves-like location history in the future, it will also provide a method for exporting the location data to CSV or similar (data portability).
A case could be made that hosting an instance of OwnTrack with your location data in the clear on a VPS somebody else controls is less safe than storing it encrypted on someone else's server.