Have seen some webinars + read the documentation, so got the info from there. Hope some of these answers help 
- What’s the architecture design of this service?
- How is confidentiality of store/registered information managed (i.e. Customer A should no be able to search or see Customer B booking information)
No sure what you mean here. Only way you can see booking info is if you have access to the Bookings app. Per now you have Administrator, Viewer and Guest role. Admin and viewer are the only ones that can access the app, and have to have a account and O365 license, and be invited to the Booking calendar.
- Where are all the submitted information stored? (e.g. SharePoint site, mailbox, etc.)
From the FAQ-page:
Where is Bookings data stored?
Bookings is a Microsoft 365 app, meaning all data is stored within the Microsoft 365 platform and in Exchange. Bookings uses shared mailboxes in Exchange to store customer, staff, service, and appointment details. Compliance policies for shared mailboxes in Exchange also apply for Bookings mailboxes. All customer data (including information provided by customers when booking) is captured in Bookings and is stored within the app, thus it is stored within Exchange.
