Personally I don’t trust companies who aggressively advertise like they do, but that’s not a real reason grounded in evidence. It just tends to be correct. I recommend Mullvad.

Nord had a very bad incident a few years ago https://techcrunch.com/2019/10/21/nordvpn-confirms-it-was-hacked/

They were also REALLY late to the disclosure and tried to play it off as “them being responsible”:

NordVPN said it found out about the breach a “few months ago,” but the spokesperson said the breach was not disclosed until today because the company wanted to be “100% sure that each component within our infrastructure is secure.”

They (at least were) also very aggressive about advertising (all over YouTube at one point sponsoring all kinds of stuff)… Which is typically the opposite of what you want.

Proton has had write ups in the past about the VPN review market as well and how a lot of reviews are “whoever pays us the most money is the top VPN.” Proton has a strong enough track record in their other software for doing the right thing and truly valuing security, privacy, and open standards, so I’m inclined to believe them. VPN was one of the first spinoff products they launched when it was still mail, and they did so because some of their more sensitive customers (think journalists in some bad parts of the world) were having to rely on third party VPNs of questionable integrity.

I trust Mullvad and Proton at this point for VPNs, nobody else.

I use Proton vpn and love it. I actually like mullvad more as a standalone vpn, but Proton vpn is still great and I use it because of the whole bundle. It’s a great deal and VERY convenient. The unlimited email aliases built in seamlessly to the password manager is a game changer for easy to use privacy.