not sure if having a burner phone that I would never answer would be much different than just giving a fake phone number, which is what I'm leaning towards.
Depends on whether or not Ledger or any other company would every actually need to "contact you about your order". I think most people give out their phone number far more often than they realize. For the sake of $5 for a prepaid SIM which I change every 6 months or so, a disposable phone number I don't care about and can hand out freely is great. I maintains my privacy, I know I'll never get phished or scammed via my real phone, and completely eliminates my concern regarding database breaches like this. Just think how many other databases somewhere your phone number is sitting in.
Probably none judging by complaints like this
Like all things Google, there will be zero effort put in to protecting their end users. It is the same trick that telemarketers and scammers use to hide their phone numbers. It is illegal, but it is easy to do and difficult to trace, so the vast majority get away with it.