While some of your points are partially correct, others are not or are substantially misleading. The deniers of VPN often do not understand what a VPN can (and can not) achieve. It is sometimes necessary to burst the bubble or frequently repeated myth.
While some network traffic uses fully encrypted protocols, it is common misconception that all modern network traffic is fully encrypted. Alas, it is not. Many protocols have unencrypted header information; others upon which communication rely are totally in-clear.
By example, your DNS traffic is (by default) an un-encrypted protocol - and conveys (leaks) considerable information about you and your traffic. This DNS traffic, in addition to being commonly monitored by the network operators(s), is often used for malicious purposes and/or as an attack vector/exploit. Where available and correctly configured, there are available mitigations for risks associated with DNS (such as DoH, DoT and DNSSEC), however, these are beyond the technical reach of most users.
As a further example, without delving into the technicalities, when using public/open networks your network traffic can be easily intercepted by other users of the same WiFi network. One immediate source of risk is session hijack/replay.
There are many legitimate reasons to use VPN. Contrary to your assertion, using VPN over public networks does provide useful and significant protection against local attacks and traffic monitoring which are endemic on public networks. For this reason alone, it may argued that using a VPN reduces (but does not fully eliminate) some avoidable risk.
You are correct in your assertion that, where used, a commercial VPN operator has visibility of your network traffic - as your network traffic is obviously being routed via their VPN endpoint/gateway. Whilst your VPN-tunnelled traffic is protected from locally prying eyes, your traffic is delivered to the internet from VPN endpoint in its original (partially encrypted) form. In using a reputable VPN service, your internet traffic is at no greater risk of traffic monitoring than when using your ISP - who monitors your traffic anyway as it traverses their own gateway to the broader internet.
To reiterate, traffic visible at the VPN Gateway/endpoint is already partially encrypted at protocol level. As such, for practical purposes, the traffic exposed to the VPN Operator is no more at risk than would otherwise be exposed on an open/insecure WiFi network. If the VPN Provider is chosen with care, risk of traffic interception over high-risk networks (such as public hotspots) can be significantly mitigated.
Use of a VPN is a “trust” exercise. In whom do you place greater (dis)trust? The open/insecure WiFi network to which you make your network connection (with all of its consequential risk), or the VPN Operator? Which carries greatest risk to you, the security of your network traffic, or your privacy?
A reputable VPN Operator (noting that “free” services are generally outside of this category) has no commercial interest in your network traffic - but may be bound by legislation of the country in which it is based to collect metadata concerning your connection - as is your ISP. Your can do very little to avoid nation-state actors - and unless you engage in nefarious activity, this should offer no concern. As choice of the VPN Operator, this simply requires wise selection, perhaps considering the country within which the Operator itself is based.
If the user has the technical capability (and competence) to correctly configure a VPN endpoint/gateway, trust in the VPN moves from that of a commercial VPN Operator to the end-user entirely - removing any perceived issues with the VPN Operators interest.