I'm sure that they are reasonable and I would not wish to disparage or defame them in any way, especially not in a slanderous way. I have no experience of them.
The question you need to ask yourself is:-
If they were to be attacked and your data copied and/or deleted, would that be a problem?
So, when you break it down further:-
- Is it commercially sensitive?
- It is personally sensitive? - e.g. customer details
- Is it critical to your recovery processes?
These are the things you should consider first. If your data falls into any of these, then I would suggests you need to arrange a paid-for contract with a supplier and store real media with your own encryption and practice the recovery process.
This last point is very important. Imagine assuring the regulator/auditors/government/whomever for years that the backups are all fine only to find that you can't actually restore.
I hope that this gives you something to consider.
Like I said at the beginning, I have no experience of the companies you mention and do not wish this to be considered as defaming or slanderous in any way, but
YOU are responsible for your data so you have to consider the risks you might be exposing yourself to, even if these are reputable companies.
Robin