protonmail provides encrypted "zero-access" encryption mailboxes. The way they explain "zero-access" is, at least for me, similar to zero-knowledge encryption. However protonmail has in its servers my private keys. They say that the keys are encrypted as well, but they also have in their servers my password for that encryption. Therefore, it seems to me that protonmail could at any time access my private keys and my mailbox.
Is this correct, or am I missing something?