If I understand this correctly, it only affects certificates issued by public CAs (certificates for public websites, for example). So for certs issued by a company CA (e.g. for internal infrastructure), it should not apply. Can anyone confirm?

If privacy is your concern, then I’d use two different mail addresses / domains. One with your “professional” TLD (mail@johndoe.com) and one wirh your privacy focussed TLD (mail@anon.com).