That isn’t correct, according to their outright statement that they openly serve as a middleman to transfer your initial token request to your card provider or bank, but once the bank sends your token back to your device in response to your initial request, they delete the transaction.
Doesn’t mean they don’t have your information in an encrypted format for a short period of time, or that it would be possible to do something with it, but it is unlikely to me that they would for the same reason that your bank doesn’t, Amazon doesn’t, and Paypal doesn’t.
Why cut your own throat?
Apple does not even act as the middleman. The iOS device has done that already before the transaction is made by establishing a relationship between the device and your bank. The bank provides the device with an identifier which both the bank and the device will share. The iOS provides that identifier to the NFC enabled credit card machine which then goes to a standard credit card service agency which handles it just like a credit card transaction. The device merely sends the one time use token. Apple never receives any of that data at all.