Never decide. The entire VPS, with all the giblets, keys, ciphers and other nonsense, can not be saved by the hoster from stealing the encryption key, with which the partition must be decrypted before loading, and nothing is encrypted in memory anyway :)
Therefore, the hoster has access to ALL
Question here it is solely in trust and the need for the hoster to deal with such nonsense. In 99.9%, the hoster is not interested in you if you do not do some actions or do not store certain information on which you can earn. Well, or if you are not a media person. In addition, very often VPS is in a country with a different jurisdiction.

Maybe.
The solution is simple - raise your VPN server.

In addition to sick people in the head, most vpn tors and other things are created by services

A vpn server can (and does) sniff traffic and log connections from its clients. And if you managed to use an https proxy in the browser (the one that does not encrypt client data), then the vpn server, or rather the proxy, can sniff your encrypted traffic (for example, proxy auto-configuration is enabled in the browser).
The OWNER of the hardware on which the vpn server is raised, if the installer of the vpn does not perform the necessary minimum of counteraction (do not use nuclear virtual machines like openvz / lxc / ... and for example, full kvn virtualization, but rather use bare metall, install only proven software and kernels, encrypt partitions,..) can do the same as it can easily access your vpn keys.
If we are talking about connection logs, then even without keys everything is statistically pulled out! The connection of the client to vpn is visible to the provider through which the server on which the vpn is running is connected , at the same moment vpn makes a connection to the target machine that the client has accessed, by the packet size and timings you can see who connected where and in some cases you can make an assumption on what https pages are rummaged by the client, you do not need to decrypt anything.
The latter can be overcome by cascading vpn connections in different jurisdictions that are reluctant to share data.
The only protocol that protects clients from such analysis is i2p, since it mixes in garbage traffic, i.e. raise your vpn server, i2p gateway and connect the client via i2p to the vpn server. What will be the speed you can guess for yourself.