The data files are transmitted in their encrypted form. The sync protocol (which knows what data has been changed) is also transmitted encrypted. Thus, we have an end-to-end encryption. Everything can only be decrypted, if one knows the Safe password and has the key file.
To increase security even further, we do not directly transfer the key file.
For example, a Safe from a Mac is transferred to an iPhone for the first time, then SimpleumSafe creates a synchronization configuration as an encrypted QR code. This QR code is then photographed and evaluated by the iPhone. Afterwards the input of the Safe password is necessary and the Safe can be created and synchronized on the iPhone.
This additional security function protects the synchronization data from attackers. Even if they know the password and managed to steal the data from the cloud, they still lack the key file.