It would be different in every instance. Generally the instance “owner” as I would call it. But also and developer that may have been given access.
People assume it’s admin. But as far as I can see, on my admin profile, I have no access to that data.
Yeh. That’s why I call it the “owner” rather than admin. Even though the owner would also be an admin.
So basically the owner. Or anyone who the owner gives access to.
Email requirements for registration are set per-instance. Beyond that, it's my understanding that only a user's existence is shared across instances, in order to attach you to your content. Your registration details stay on the instance you belong to.
It's a setting that the instance admin can enable or disable. Same with allowing downvotes or not for the instance.
if your worried getting spammed with emails, i'd suggest using an email relay in your Lemmy account instead of using your primary email add. Here is an example - https://relay.firefox.com/
Much like reddit, facebook or other apps with dms, only the instance owners (of the instances the users belong to) can see them. They aren't encrypted. There was some work on e2ee messages on the Mastodon side but it stagnated.