cobalt's privacy policy is simple: no data about you is ever collected or stored. zero, zilch, nada, nothing.
what you download is solely your business, not mine or anyone else's.
if your download requires rendering, then data about requested content is encrypted and temporarily stored in server's RAM. it's necessary for this feature to function.
encrypted data is stored for
90 seconds and then permanently removed.
stored data is only possible to decrypt with unique encryption keys from your download link. furthermore, the official cobalt codebase doesn't provide a way to read temporarily stored data outside of processing functions.
you can check cobalt's
source code yourself and see that everything is as stated.