Our SDKs libraries that are linked into your applications and do not persist data on their own (two exceptions below). As such we trust that the host application handles encryption, adversarial data exploits and any other security concerns.
Exceptions: RNI embedded and RES currently persist in Lucene as an implementation detail. If your question includes those we may need to dive deeper.