Traffic from the source to destination to the remote is encrypted.
If the person has admin access to the box, they can look at your rclone.conf which has keys and such in it.
It would be similar to browsing a HTTPS site and what a skilled admin can do to decrypt things depends on them if they have admin access and you are using the same box.
Understood. Allow me rephrase a bit, you're right, "sees" is a bit of a bad choice of word.
After rclone fetches the data from the remote source and syncs it to the remote destination, is there a local copy involved in this process? And if yes, does rclone delete it after the sync is done?