It's not even pretty good for privacy. ;-) It's important to understand the terminology. Private in data terminology means inaccessible to just anyone. Public means accessible to just anyone. Encryption has nothing to do with privacy, and it cannot provide privacy, only obfuscation. Whether you have privacy and/or obfuscation are two separate questions.

Whether you have obfuscation depends on whether you're using encrypted DM's or not (which can be unobfuscated when any party leaks their private key, so even your obfuscation is out of your hands).

Whether you have privacy depends on whether you're connected strictly to private or public relays. Privacy therefore has nothing to do with Nostr, and the Nostr protocol does nothing to ensure privacy. Privacy by definition of 'not publicly accessible' depends only on your relay servers' firewall and iptables configurations.