Why? What do you think it does for you?
All you are doing is handing over your traffic to a single gateway, which can now intercept, identify you, and monitor you far far easier. And you may even be forwarding your traffic into a jurisdiction where you are now committing crimes (you'd be surprised at what is legal in one country and not in another).
What he ^ said
This entire subject opens a can of worms that may not fit in one book. This convo could extend for months. I'm certainly not going to say you're wrong. It's a bit of a mix of paranoia, and a reason to be paranoid.
Quite frankly, unless one understands what they read in coding, they really have no idea what it's doing. There's no blanket answer. It all depends on who's programming and how that specific app (or chip) is programmed. It's almost infinite on how any coding can gather information and what they do with it. Almost every app and web page collects something. Do you trust every other piece of software you use? If so, that's foolish.
A lot of software is just the easy path to finding and making settings that already exist in Windows. You already have the ability to do things like setup proxies and static connections. If one can program (Code) you can write your own encryption software, it's not rocket science to an avid user.
As far as my opinion on VPN, I'd rather have my data and my location hidden and/or encrypted through one funnel than spewed in every direction with no leash at all. And hope they don't do as you say. I'm sure someone wrote one that does. Unless you write it yourself, you really have no idea which one does what you say, or not.
When I wrote XP Game Launcher (more in-depth than "Gaming Mode" in Windows 11, I think a MS player stole the idea from me lol), it was about 15k lines of code. I wanted to know how many people actually used it, that would tell me if I'd spend anymore time on it. So that no one got counted twice I used the fingerprint of that device, which I encrypted in a file on my server. The fingerprint number used to encrypt itself. Therefore I never knew the number. I did this to make sure it didn't re-recount. All it did was make a count, nothing else. Now if I were a deviate mind that could be a problem. But totally innocent. I could have used your IP address, but I didn't need to know where you're located, nor did I need that number to be out there, encrypted or not.
Point being, some collect for good intentions, some don't. It's very hard to tell the difference. One should be on guard when using ANYTHING that connected to Land-line, RF, Cell, Cable, Satellite, Internet. The only true escape is to use none of it. Point being, today, that would be extremely hard. OTOH, paranoia can lead to insanity.
Therefore, I suggest do what you can and put some form of leash on it. Limit what you can and hope for the best. IMHO, I suggest use VPN over nothing. It's just a personal preference.
It can be done, but there is so much data flying around, you may have a better chance of being hit by lightening. You're a digit.
