I use my own VPN mesh running Tinc [1] and some here use Wireguard. I've used corporate VPN's for work in the past. Never tried one of the commercial anonymizing VPN's. Article mentions proxies. Over my Tinc VPN I like to use a Squid SSL Bump MitM proxy so I can create ACL's and cache content in RAM on the proxy for friends to share. Some day I should make an article for setting up Tinc and Squid.

And yeah, VPN's can see all layer 4 and any unencrypted layer 7. Even if they claim no logs that could be a word game. They can have an API that permits real time monitoring. No VPN provider would last long without it. See Lavabit [2] There will always be people in denial and evoking coping mechanisms regarding this.

[1] - https://www.tinc-vpn.org/

[2] - https://www.theguardian.com/world/2013/oct/03/lavabit-ladar-...

So using a vpn is purely if your hiding something while on the net correct ?