Yes it does have access to your data, at least any email coming from or going to another mail provider. Because those are not end to end encrypted. Only encrypted in transit (and even that is optional). So they need to handle the plaintext at the point of transmission.

I really don't like this about proton, they're always going on about their encryption but most emails they've seen in plain text on their SMTP servers. Because that's just how SMTP works. And so has the provider of the other party.

Once they've put them in your mailbox they can't decrypt them again but I always consider a single exposure a loss of confidentiality. The only emails this doesn't apply to are those from people using PGP (yeah all three of them) and those on proton themselves.

In my view this Achilles heel makes most of their protections irrelevant. But they still market it as if it's the email equivalent of signal, which actually can't see what you say at any point of transit. And non technical people have no idea about the difference.

Ps I'm not blaming proton for not having a technical solution for this because interoperability makes it an unsolvable problem. But I do blame them for their marketing around it.