DNS name resolution works by having a resolver traverse the domain name from right to left, starting in theory (but not in practice) by contacting the dot servers, then a TLD (com, org, net) server, and last the domain's name servers.
However, this is not how things are commonly done. Most client machines simply send this work over to their ISP (or Google), and wait for the third party to do it for them. The third party then data-mines this traffic in order to get revenue.
In general, what you willingly give to a third party can never be seen as inherently private. Additionally, an intruder that wants this information would have to hack, tap or steal the information rather than just leaning on the ISP/Google.
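The two resolution paths described above, as an added example that is not part of the original text: a small offline model that walks the delegation chain from right to left and records which server sees a query arriving from which source. All zone data, server labels and addresses are constructed, and the model assumes no caching and the classic behaviour of sending the full name to every server in the chain.

```python
# Constructed delegation data: each server maps a zone to the next server to ask.
DELEGATIONS = {
    "root": {"com.": "tld-com", "org.": "tld-org"},
    "tld-com": {"example.com.": "ns-example"},
    "tld-org": {"example.org.": "ns-example-org"},
}
# Constructed authoritative data held by the domains' own name servers.
ANSWERS = {
    "ns-example": {"www.example.com.": "192.0.2.10"},
    "ns-example-org": {"mail.example.org.": "192.0.2.20"},
}


def iterative_resolve(qname, source, log):
    """Walk the name right to left: root, then TLD, then the domain's servers."""
    labels = qname.rstrip(".").split(".")
    server, depth = "root", 1
    while server is not None:
        log.append((server, source, qname))  # this server learns who asked for what
        if server in ANSWERS:
            return ANSWERS[server].get(qname)
        zone = ".".join(labels[-depth:]) + "."
        server = DELEGATIONS[server].get(zone)  # follow the referral, if any
        depth += 1
    return None


def forwarded_resolve(qname, client, resolver, log):
    """The client hands the whole job to a third-party recursive resolver."""
    log.append((resolver, client, qname))  # third party sees client and name
    return iterative_resolve(qname, resolver, log)  # upstream sees the resolver


def observers_of(client, log):
    """Servers that received a query directly from `client`."""
    return sorted({server for server, source, _ in log if source == client})


if __name__ == "__main__":
    for mode in ("self", "forwarded"):
        log = []
        if mode == "self":
            iterative_resolve("www.example.com.", "client-ip", log)
        else:
            forwarded_resolve("www.example.com.", "client-ip", "third-party", log)
        print(mode, observers_of("client-ip", log))
```

In the forwarded case the only party that can tie the client to its lookups is the third-party resolver, which sees every name the client asks for; in the self-resolving case that view is split across the servers in each delegation chain.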