Hi,
For your requirements there are 2 ways to go:
1) a trusted third party: Docker containers or virtual machines running on a server managed by a trusted party.
You need the third party because otherwise the server must be managed by you or by the client, and the manager has unrestricted access to all the containers and guests running on the machine. There is no way around this, even if you use encryption/passwords/scrambling: the host can access the memory of it's guests, and any files/databases are loaded unencrypted in RAM (otherwise they would be useless).
2) have two separate servers, one managed by you and the other one managed by your client. Each server must be physically located at different companies.
If both servers are in the same room, the one who gets physical access to the room has access to the data. It's technically impossible to prevent access to data while allowing physical access.
If you need to have MySQL and Django on the same physical server, then option 1 is the only way to go, but that means you have to find the trusted third party (a service provider).
To answer your other question: two Docker containers can run securely in perfect isolation, without having access to each other. But the host has full access to both containers, and who manages the host has all the data.