Every company you listed is bad.
NordVPN wasn't caught yet, but it's to good to be true and ALWAYS having 73% off is illegal marketing.
Betterhelp sold data to facebook to retarget you with ads.
SquareSpace had a security issue were entering the email of an old, not yet migrated account, was instant account takeover... how does this slip through security reviews?
Everything that needs my favorite minecraft youtuber to advertise it, is scam. It wouldn't sell without influencer marketing.
Using a VPN doesn't expose the domain names you're viewing (via SNI) or the IP addresses you're connecting to to your ISP. It also (therefore) doesn't expose to the ISP the volume of traffic you're sending to a particular site, when you connect to it, or how long you stay there.
Whether your ISP is part of the threat model you're interested in mitigating is up to you personally, but this is how, depending on that model, a VPN can be more secure than HTTPS.
But if you're using it for mildly illegal things like having the Netflix catalogue from another place it's probably good enough.
Just don't install their app, configure it yourself, don't use it full time, and don't expect protection from anything other than low level law enforcement from your country. Expect your connection to be monitored when you're using it, as much as can be (so not breaking encryption, but all the rest for sure).
I have absolutely no evidence whatsoever other than the fact that it's been a high visibility service for very long, which makes me think it would have already been taken down a while ago if it was actually effective at protecting high value targets