No phone book and other personal data stored in file system that open for usual user! If you find anything trace of it in files you must urgently send a message to Garmin. It is the serious vulnerability!!!
But I agree that non-volatile memory isn't secure also. But it is more secure than usual file system. I hope you know what deleting of file it does not mean the physical removal of info from media.
P. S. You is very young but I am remember a great collision with the one of version software of Nuvi 660 when any can read another's phone data after pairing with other phone!