I prefer setting up an airgapped wallet myself, rather than buying a hardware wallet. If you have the knowledge of making a device truly airgapped, then i would recommend it over a hardware walet, all you need do is to create a complementary online watch-only wallet to view your balance, create transactions and broadcast them to them network. Your seed never leaves the offline device and is never connected to the internet. Too bad for this person to lose this huge amount of money when trying to secure their funds better.
The other point I'd make about going with airgapped bitcoin core, is that IIRC I believe it's close to the only option that doesn't connect your IP and whatever browser/ad-network traceable history and likely your street address you have with your coins.
HWW solutions disclose that you're a serious cryptocurrency investor in the form of shipping information. Worse, things you might do to try to protect against that like buying something in person are at odds with the security measure of buying from official sources. No one should forget how ledger was hacked multiple times for their customer purchase/shipping info.
When you use any wallet that isn't backed by a locally running Bitcoin node they send your wallet addresses (or something nearly equivalent) to a third party server, in many cases via a browser which easily leaks other PII. These lite wallets also link your addresses together even if you manage to successfully use them via TOR and conceal the direct personal connection.
The only way to confidently keep information private is to not share it. Best way to do that is to run a local node. Most HWW don't officially support just using the HWW as a signer against a local node, which is just another sign that they actually don't give much of a darn about your security or at least don't care about the kind of security appropriate for people with non-trivial amounts of bitcoin.
