Ledgers new program shards your key/seed phrase into 3 separate pieces and then encrypts each piece and gives each piece to a different custodian (so they claim). Even though it’s encrypted, yes, your key is in the possession of third parties. Ledger claims it’s safe because of the encryption, but that requires you trusting them. The point of cold storage is not needing to trust anyone but yourself, so it’s best to use a different HWW.

Cold card is easily the most secure I’ve seen and used - it’s open source, the seed is generated locally on the device (with multiple options for generating), and you have the ability to airgap so your seed never even touches an internet connected device.