OK, "guarantee" is a bit strong. But for example, if the keys are generated client-side and they never see the key, like on tarsnap, then I wouldn't have to take them at their word that they totally promise not to look at my files.
The problems here are searchability, padding to hide sensitive file size, and having to move large containers back and forth to make small edits. If the remote backup is designed around a proper client-side encrypting product, you can have all this easily. If the encryption is done with a plugin, you might accidentally forget to pipe backups through it, or you might misconfigure something. So yeah there's things like cryptomator, but they'll never be as properly designed service with automatic client-side encryption.
