Best solution is to not place anything in the cloud that you are not comfortable with getting out. You could also encrypt the data so it can't be easily looked at.
The reason anonymity is important and that we should be constantly survailed is because it affects so many things, not just long term privacy, or potentially your freedom, but things like whistleblowing as well.
The short time I was at college I learned a lot about assholes that don't need to be in my business. Because of the hardware hacking that I do and all the DEFCON and 33c3 that I watch they thought I was going to do something illegal and kick me out for it until I showed them the stuff I do. Otherwise, all my IRC traffic, torrents, any data transferred, anything tha I put out was fed through a company called Merit Networks. What Merit does is monitor traffic that goes through a business connection and reports anything the business doesn't like to them. When I found this out I petitioned them to remove this un-needed surveillance and even presented a stout case and a pile of loopholes left in their user agreement that were so vague you could fit jesus on a cross through it (it was a catholic school).
Sadly despite my fighting back no one gave a shit. Not even other students doing security and software studies (mostly because no one there really knew enough to understand how in-depth that shit was). So, instead I installed i2p on my phone and uploaded code that way either on 3G or the school network. When they tried to threaten me I came back around with their same bullshit arguments they made.
In all honesty if you're doing stuff that you think will make for a pain in the ass later on, cover your tracks or do it off the grid. Don't let some bullshit happen that inhibits you of your work and study because believe me they'll just persecute you and throw you out without asking any questions or any human decency. They're cash vampires with little to no interest in the betterment of your life.
I'd think it unlikely that the college has access to view your OneDrive storage, unless they mount it as a drive when you use the college computers? Then I guess it may be possible but I feel that it isn't their intention. Most of the time it's a win-win because your college doesn't have to provide as much storage/back-up space and Microsoft are likely to get your paid-for subscription after college.
You could send emails to the college IT teams from other colleges and ask them whether they have admin access to students onedrive storage, try nondenominational colleges.
Both should give you an answer to your question. I would keep the VPS though. What are you paying at the moment? I have 2 cores 5,8 Gig of RAM and 500 GB HDD for 6,99€ / month (7,50$) it does not have backups though.
Office 365 for Business has an admin interface. It is entirely thinkable that the college IT has access to it. On the other hand it is entirely possible that the college only provides a list of approved users to Microsoft.
This. Though its not my main OS, if i do need it I have Windows 10 (plus 8, server, and others), office (2016/365), older versions, xp (i think is still there). basically untill they remove the service.
i sometimes worry that this community is prone to encouraging paranoia outside the realms of "probably don't upload nudes to cloud services", which is entirely reasonable. i thought about making a thread for a discussion, but i don't think it would last.