Keep your data safe

Dyne:bolic is developed with your privacy in mind: as mentioned before, the NEST can be encrypted to make your private data inaccessible unless your password is provided. We will now analyze every aspect of this security measure in depth.

When an encrypted nest is created, every file you place in your home directory is stored in scrambled form using a Rijndael/SHA256 algorithm. Such a cipher can be considered very secure: maybe some military organizations are able to break it, but even then it would be very expensive in terms of the resources employed.

Dyne:bolic's encryption mechanism employs a passfile, "dyne.nst.gpg", which contains the cipher used to protect your data: that file holds the password that, matched together with your dyne.nst file, can access all the data you store in your nest. That file is therefore very precious for your privacy: be careful with it and do not copy it around.

Since the passfile is so delicate, it is also protected with a password: the one you choose at the beginning, which is used to scramble the passfile through the CAST5 algorithm. Keep in mind that this cipher algorithm is weak: if an intruder takes possession of your .gpg passfile, it will eventually be easy to crack.
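One way to check which cipher and password-hashing settings protect a passfile, as an added example that is not dyne:bolic's own code. It assumes dyne.nst.gpg is a binary (non-armored) OpenPGP message encrypted with a password only; the function names are hypothetical and the sample bytes are constructed.

```python
# Added example: report the cipher and S2K settings of a password-protected .gpg file (RFC 4880).
CIPHERS = {1: "IDEA", 2: "3DES", 3: "CAST5", 4: "Blowfish",
           7: "AES128", 8: "AES192", 9: "AES256", 10: "Twofish"}
HASHES = {1: "MD5", 2: "SHA1", 3: "RIPEMD160", 8: "SHA256",
          9: "SHA384", 10: "SHA512", 11: "SHA224"}
S2K_TYPES = {0: "simple", 1: "salted", 3: "iterated+salted"}

def read_header(buf):
    """Return (tag, body_offset, body_length) for the first packet in buf."""
    if len(buf) < 6 or not buf[0] & 0x80:
        raise ValueError("not a binary OpenPGP packet (ASCII-armored or truncated)")
    first = buf[0]
    if first & 0x40:                       # new-format header
        tag, o1 = first & 0x3F, buf[1]
        if o1 < 192:
            return tag, 2, o1
        if o1 < 224:
            return tag, 3, ((o1 - 192) << 8) + buf[2] + 192
        if o1 == 255:
            return tag, 6, int.from_bytes(buf[2:6], "big")
        raise ValueError("partial body length not valid for this packet")
    tag, ltype = (first >> 2) & 0x0F, first & 0x03    # old-format header
    if ltype == 3:
        raise ValueError("indeterminate length not valid for this packet")
    n = 1 << ltype                         # 1, 2 or 4 length octets
    return tag, 1 + n, int.from_bytes(buf[1:1 + n], "big")

def describe_passfile(buf):
    """Describe how the password protects the file (hypothetical helper)."""
    tag, off, length = read_header(buf)
    if tag != 3:                           # tag 3 = symmetric-key encrypted session key
        raise ValueError("first packet has tag %d, expected 3" % tag)
    body = buf[off:off + length]
    if len(body) < 4 or body[0] != 4:
        raise ValueError("unsupported or truncated symmetric-key packet")
    info = {"cipher": CIPHERS.get(body[1], "id %d" % body[1]),
            "s2k": S2K_TYPES.get(body[2], "id %d" % body[2]),
            "hash": HASHES.get(body[3], "id %d" % body[3]),
            "iterations": None}
    if body[2] == 3:                       # salt is body[4:12], coded count follows
        if len(body) < 13:
            raise ValueError("truncated S2K specifier")
        c = body[12]
        info["iterations"] = (16 + (c & 15)) << ((c >> 4) + 6)
    return info

# Constructed sample header (not taken from a real nest): CAST5, SHA1, salted.
SAMPLE = bytes.fromhex("8c0d04030302" "0011223344556677" "60")
```

To inspect a real passfile, pass the first 64 bytes of the file, read in binary mode, to `describe_passfile`.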

In practical terms, this encryption scheme means that you can safely move your dyne.nst file around separately from the dyne.nst.gpg passfile: there will be no intrusion into the data stored inside even if you lose it. It also means that you can give your passfile to a friend, still protected by the password you memorized, so that neither you nor your friend will be able to access the nest until you meet up again. More generally, this scheme lets you separate your encrypted data from the passfile, keeping everything sealed by the password you keep in mind, and move the data around to different places while being sure that it is not accessed by anyone else.

So we can say for sure that our privacy protection is well above the usual schemes used in most common operating systems, which keep your data in the clear and physically accessible.

In case you are involved in some mission-critical task and you are facing the possibility of imprisonment and torture, you should take a bit more care. A good practice would be to customize the startup scripts of dyne:bolic a bit to present a false password prompt; the /lib/dyne/nest.sh script is a good place to start. Another way is to have an encrypted nest whose password you would disclose if forced to, together with another encrypted file hidden somewhere that does not prompt for a password at every boot.