End-to-end encrypted.
A new random key is generated on the client-side when new data is about to be stored. This local key is used to encrypt with AES256-GCM, which provides data integrity and confidentiality.
Since the encryption key is generated and remains on your side, we can not access the information.