In your phone storage, you can even do remote signing with a hardware signer, your private key doesn’t necessarily have to be on your own device

Not definitive though. When developing a client the developer can do it any way they choose.

It sounds as though it would be up to the user, which I’m ok with. If they truly value their privacy they would learn how to use the tools.