by USNetizen 1921 days ago
I don't know about anyone else, but I'm leery of apps that say "proven security and compliance" and then don't offer any obvious details, or proof, about what that "compliance" is. ISO 27001, SOC2, what?
1 comments

Clicking through on the link under that section explains that they're compliant with GDPR, Privacy Shield, CCPA, and HIPAA on the privacy side. In addition, they've completed SOC 2 Type 2 and SOC 3 compliance, and have a link to security assessments/penetration tests/cryptographic analysis done in 2020 and 2018 by third-party pentesting firms. For each of their claims, they've got links explaining details, and if none of that is enough, it's completely open source, so you can go code spelunking yourself to verify their claims.