Only way to be sure from your side is to use a client-side encryption. All server-side encryption is done on the server-side, if they control the server-side …
That’s something you could ask them. Usually, service providers try to keep stable setups and therefore often don’t use the latest versions and probably can’t guarantee good operation with any app that is offered in the NC universe.