Don't ever store anything sensitive in either of these.
That only leaves the server, and that's the last place where you should want to store anything sensitive. Not only can you get hacked, just as the user can; said user doesn't even have any control to at least wipe the data if they want to be absolutely sure it won't be leaked.
Then there's the small but important factor that some data needs to be on the client, like session data, which can often be used to exfiltrate pretty much everything else from the server (although recently some large platforms have started to always ask for a password for certain operations, which somewhat mitigates this)
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
That only leaves the server, and that's the last place where you should want to store anything sensitive. Not only can you get hacked, just as the user can; said user doesn't even have any control to at least wipe the data if they want to be absolutely sure it won't be leaked.
Then there's the small but important factor that some data needs to be on the client, like session data, which can often be used to exfiltrate pretty much everything else from the server (although recently some large platforms have started to always ask for a password for certain operations, which somewhat mitigates this)