The encrypted LoRaWAN radio packet can be received by anyone in the device’s neighbourhood, so I assume you’re only worried about the decrypted data? That might need your own Application Server, but does not necessarily imply you cannot connect your gateways to a public Network Server.
See LoRaWAN Architecture and LoRaWAN Security for the theory, but also LoRaWAN security: Can the Network Server generate the AppSKey? for a limitation in LoRaWAN 1.0.x, as currently used by the public network. (A private TTI instance might not suffer from that, but I’m not sure what’s offered there. @laurens?)
And: Setting up a Private Handler connected to the Public Community Network.