Yes. The Confection Cable does not execute any advanced functionality or process at your server, as such it can't be exploited to attack your server or your site. The data submission is sent using the same security as the default SSL standard for browsers.
We don't capture any information from your site, unless you explicitly says so, and only user interactions are captured by default. No data from your current database will be sent to Confection and no sensitive data will be sent to Confection, like passwords or credit card information.