Ragic uses the same 128-bit encryption and physical security that banks use, sensitive data are all stored in encryption or hash. We do not use an SQL database, so there's no chance of SQL injection or many other security holes that you would see in most other products. Nobody can see your data through a DB console.
We use two highly trusted and popular service providers to host our servers: Google server hosting and Amazon EC2. They have extremely high physical security measures, and data are written to multiple disks and backed up daily. You can also manually backup your database from Ragic anytime you want.
If you still have concern, you can always purchase a private server to install on your own server or a service provider of your choice, and update your subscription to the on-premise version.