Probably a boring answer but I know my grandmother's credit card information. I live with and help take care of her, so she doesn't mind sharing it with me. Not like I'm planning to do anything nefarious, but I guess technically it could ruin her financially.
Self-hosted and entirely under my control, yes. Any other manager that encrypts the store in a way where even when breached it's not useful, should also be safe…
But truly knowing is best.
The problem with that is that you can never truly know that they actually do that unless the clients are open source.