All infrequently accessed files are stored on AWS S3. All files are encrypted server-side using AES-256 with the AWS S3 Master Key. When uploading files to this bucket, you must set this encryption option, otherwise uploads will be prevented by the bucket's policy. Unfortunately, this also means using an app like Transmit won't work since they don't offer this encryption option (as of April 10, 2016).
The intention of these backups are "last resort" backups, so hopefully they'll never actually need retrieved. With that in mind, Lifecycle policies are used to archive files to AWS Glacier after a short period of days.
Using AWS because it's dirt cheap, however since the user experience isn't the greatest and Glacier retrieval prices can be a slippery slope, it's only used for infrequently accessed files and backups are uploaded only a few times a year. Most directories will consist of subdirectories named by year (e.g. finances/2014, photos/2014, etc)
Lifecycle policies