If you want the client side to not have any access at all to the data you would have to keep it in a persistent object as all NPOs get held in the client-side memory, if I remember this correctly, therefore a user could acquire it through the client API.
Personally I would retrieve the data when needed if this is possible to avoid extra handling.
If that’s not an option and you want to minimise data storage you could keep it in a persistent object associated to your main object. You’d then want to perform some form of cleanup to ensure you’re not storing it indefinitely.
Hope this helps
Well, the data is appareantly available on the external system, so I guess the most safe option is to not store this private information at all in your own application. Just retrieve it again once you need this in the next microflow.
And keep in mind that Dragos is correct: if you open the page, check the data that is handed to the client. You might want to do a ‘Delete Object-activity before opening the page.