Are conditional filters filtering in the backend or frontend?

Hi there!
I am new to softr and the No code community in general.

I have been trying to figure out what kind of database, backend logic I would be using, and I learned that front end filtering could be dangerous security wise and that I should filter the information in the back end with a custom api endpoint with the user authentication information.
Is this what softr is doing when accessing Airtable data and show the data that is linked to the signed in user? Or is it calling the whole database and filtering it on the front end?

I have sensitive information that other users should have no access in any form.
I would like to know if anyone has come across same questions and has covered this topic before!

Thank you for any help!