If you are that concerned about security you should be willing to deal with the effort of encrypting it client side and understanding how to also decrypt on the receiving side.
If paranoia is this high, why would a security policy text on a web page make any difference? They could claim anything they want, but you wouldn't have any idea if any actual encryption was happening, so best to do it yourself.
