Let’s say you have 100% trust in the VPN provider not storing your credit card transaction details and they perfectly shred all evidence.
Well, they are a merchant, and have a merchant account, and must be registered with some payment processing service like Stripe (at least for credit cards..). When you pay with a credit card, your transaction is sent to the payment processor, but they need to talk to the bank associated with the card. They pass this along to the payment network like Visa. Let’s say the merchant disposes all data relates to you, the payment processor will still keep that data, and that data also is sent to the payment network. Fraud vendors and banks utilize all of this information, and more, about you to determine if a credit card was stolen or not. This also means if this is in your threat model, they will know what VPN you use.
If you pay with cash, that information isn’t shared with anyone but the VPN provider. If you pay with crypto, the info is on the blockchain (ymmv depending on which coin you use, and anonymization steps taken), but isn’t shared outside of that.