I'm not sure how this works, I will be happy to hear any clarifications from anybody else.
I'm just a user here learning too, let me tell you my setup currently. I don't trust my PC OS, at least not compared to GrapheneOS. Currently, I never connect my phone directly to my PC. Instead I transfer files via an external USB hard drive. I keep my files encrypted outside of GrapheneOS, i.e., when I store them in any cloud storage, on an external hard drive, or on my PC. Within GrapheneOS I rely on the filesystem-based disk encryption and the Storage Scopes feature.
Am interested to hear what other people do.