That has been my concern as well. I have a degree in cyber security and if there is a way to restore it from a 3rd party, there is a way to access your information..... Granted for all I know it could be encrypted and off site, but if a paraphrase can get to it, then it is obviously stored some where with a cipher....
Also, there is two - three step verification on those hardware wallets, but those could be potentially hacked....
I personally use paper wallets & myetherwallet (for ethereum and contracts, it is downloadable to use offline), and put it on multiple encrypted flash drives.
I appreciate your reply, thank you that was helpful.