No, not really. But why would you want to?
Well, the better answer is "well, yes, of course you could, unfortunately everyone else has drunk the kool-aid and everybody uses these crappy not-actually-DDNS-just-appropriated-the-term-for-their-own-use crap services."
Actual Dynamic DNS, as outlined in RFC2136 and followups, allows a client device with knowledge of a TSIG key to publish a DNS record. This can be used on a local network (for example by DHCP/dhclient as an exit hook) to update DNS to reflect dynamically allocated IP's on the local net. It can also be used over the Internet to update a remote nameserver. This works swimmingly well and is how you would want to do this in a professional setting.
The problem is that you do need to have a fixed-IP DNS server somewhere out there. This *could* be a service provider, but the last I checked, I couldn't find any of them that supported this. They all seem to want you to log into a web server that then interfaces with their DNS backend.
I am trying to avoid any dependency on a service I don't have any control over and also to avoid another potential way for my data to be accessed or vulnerable.
Exactly.
How do you think that using a third-party DDNS service would increase this risk in any way?
Easy peasy.
The reasons you would want to self-manage this are similar to the reasons you want to run other services yourself ... big services, especially ones that are free, are a target for hostile actors, and if a bad guy can subvert the underpinnings, you become vulnerable.
For example, if I can social-engineer a "DDNS" service provider into allowing me access to the DDNS account, maybe by claiming I lost access to the email address, I can then take over where "danb35.crappydns.com" points to. What good is that? Well let's say that I know you've been talking up Bitcoin on the Bitcoin forums and have mentioned how you store your Bitcoin on your safe and highly secure FreeNAS box with encrypted disks and all that. So I point your DNS elsewhere, to a box at a datacenter where I set up a proxy for ":*" and analyze your traffic. I find that you put ssh on :5522 and are running web stuff with a LetsEncrypt certificate on :5543. A transparent proxy through to your original IP address leaves you none the wiser that I'm intercepting the traffic. Now, because I'm a smart intruder and I'm specifically targeting you, I next obtain a LetsEncrypt certificate for "danb35.crappydns.com" because I can do that as the new "owner" of your DNS label. Then I stick an SSL-peeking proxy into the data path that legitimately appears to be "danb35.crappydns.com". And I wait. Because you're unlikely to ever notice. Maybe I know a way to compromise NextCloud. Or maybe I just wait for you to log in to your NAS administration portal, which I've conveniently intercepted into a fake authentication portal. I can probably tease you into doing that by breaking something that you expect to work from remote. I have a pretty good chance of being able to find a way to tease a password out of you, without your realizing that there's an interception in the middle. And the instant you are "dumb enough" to log on with admin credentials, I'm going to be trying that via SSH, and then I'll be in your NAS.
This is how targeted attacks work. Are they common? Not really. But they happen.
I'm not dead set against outsourcing stuff. I run email for a lot of people, for free. Mail's a difficult problem for end users to solve. I've been running email since the '80's. It's a classic thing that is most practical when outsourced. But there's a LOT of fake phish out there, the "your email account is over quota" or the "your account needs to be verified" stuff. Occasionally I'll get a call from a user about these. The conversation is usually quite short, along the lines of "Why would I send you an email asking you to verify yourself? I have your phone number. You have mine." That's a level of service you can't get from Google or Yahoo, who operate at a massive scale with people they don't even know at all.
The less you find yourself married to a service provider, especially a free service provider, the less open you are to certain types of attacks.