That seems to be correct. My understanding (IANAL) of Schrems II is that the problem exists when a EU datacenter is under the direct or indirect control of a US company. Indirect in this case meaning operated by a EU company that is the subsidiary of a US company, as is the case with AWS, Google and Microsoft.

Since the EU datacenters seem to be operated by EU companies and the US company is merely a sibling subsidiary of Ensoxx, which itself is also an EU company, this should provide sufficient isolation to prevent interference from US agencies short of direct sabotage or espionage (since the EU staff is not in the chain of command of the US company).

So for a definitive answer you probably want your lawyers to talk to Hetzner's lawyers but at face value this is at least miles ahead of any US-based cloud provider, which in all honesty is still the default solution for most EU-based companies despite this ruling.