Since Baanx group don't know addresses from ledger customers (I hope) this means that I can send coins even from hot wallet or exchange to that card, totally unrelated with ledger.
It would be terrible f they need some proof and connection that coins are really coming from ledger device address.
I don't think you will. Most probably you will only be able to get a deposit address from Ledger Live. But once you see that address, it might be possible to deposit crypto from let's say an exchange or some other wallet that isn't Ledger Live. Or maybe they have a way to whitelist only your addresses that have been funded in the past in LL.
I don't use Ethereum so I had no idea about this, but wow. How can they possible call it a hack-proof experience when you have to send your ETH off to some random smart contract. The number of token contracts and smart contracts which have had critical bugs and vulnerabilities in them is uncountable.
They provide false claims. The fact that your private keys never leave your device isn't important because your coins do. But isn't that exactly how staking works all over the place? You have to lock the coins for X amount of time, send them to an exchange, and you can't get them back until your staking period expires. The safety of the keys has nothing to do with it.