There is encryption at rest (storage encryption), transport encryption and end-to-end encryption. E.g. Posteo has transport encryption and optional storage encryption. With activated storage encryption, Posteo cannot read your mail because the encryption key on their server is only usable with your password (which they do not store). Proton Bridge adds end-to-end encryption to Protonmail
It’s quite evident already from the Quran quotes he chose at the very beginning