That only says that Apple self-certifies as being open for audit and that they don’t get any of this data. Who is keeping an eye on that externally though? For every release?

I don't know. They posted this about a year ago and some language was intentionally vague ("third-party") presumably because they were still selecting partners. Not everything was implemented at the time. Hopefully we get an update soon about the status of their private datacenter and more information about the auditing process. As it stands now, supposedly a third-party reviews new machine provisioning, and for releases security researchers will be able to cross-check transparency logs and use cryptography to ensure the binary running on the machine is what Apple says it is.

I think it's a pretty advanced and thoughtful approach, but it definitely has its limitations. Hopefully Apple iterates on this over time.

Between you and me, though, it's hard to tell if Apple's ostensible commitment to privacy is just theatre due to the locked down and user-hostile nature of their operating systems.