When you backup the endpoints that is by default encrypted and you can only restore the data from either DLO administration console or DLO agent console on endpoint (if you have granted user restore rights)
Hope this answers the question.
Usually end users are reluctant for allowing their data to be stored on server, this is where you can tell them that their data is safe and nobody else can view that.