Hey and welcome in the community 
!
Yes, we download the file but we store it in the internal storage of the app. As long as you not root your phone, no app has access to this file without your permission (e.g. when sharing a file with app b you grant this app access to this file). Furthermore, only apps which you granted root access could access this folder and it is up to you, to grant root access only to apps which you really trust.