Assuming your data stays at home, without opening any firewall ports, then maybe your data is safer. You're still only one malware/burglary/house fire/flooding/accident away from losing it.
The moment you start opening ports you're no longer remotely safe. Cloud providers have dedicated staff monitoring services (or monitoring systems monitoring services) for anomalies, as well as people monitoring their networks. These same people will also know in advance when a new patch is coming for some 0-day exploit that might leave them vulnerable.
Compared to your setup at home, where you will patch it "eventually" (at the earliest when you get home from work), and you won't know if you're the target of an attack until your server gives up.
Not to mention the risk of losing other data. The LastPass leak a couple of years ago was made possible by attackers gaining access to an unpatched Plex server on a developers home network, from which they could gain access to his work laptop. LastPass had questionable security practices sure, but the validity of the attack still stands.
The moment you start opening ports you're no longer remotely safe. Cloud providers have dedicated staff monitoring services (or monitoring systems monitoring services) for anomalies, as well as people monitoring their networks. These same people will also know in advance when a new patch is coming for some 0-day exploit that might leave them vulnerable.
Compared to your setup at home, where you will patch it "eventually" (at the earliest when you get home from work), and you won't know if you're the target of an attack until your server gives up.
Not to mention the risk of losing other data. The LastPass leak a couple of years ago was made possible by attackers gaining access to an unpatched Plex server on a developers home network, from which they could gain access to his work laptop. LastPass had questionable security practices sure, but the validity of the attack still stands.