My point is that if you are looking for secure communications with someone, then the point to point comms using it are secure. That is the purpose for which it was designed. Where it does not provide protection, and this may be seen as being beyond the scope of what it was intended to do, is where another WhatsApp user sends you something: whether it is someone you have already established communications with, or as this case seems to indicate, someone who can find out your WhatsApp address.
The other point to bear in mind is that if something you have sent or received via WhatsApp is still on your phone, the point of failure has become your phone not the app. If someone, be that a bad actor or the authorities, either has your phone, or has electronic access to its data, the fact that you might have received something via WhatsApp or any other secure means is irrelevant. They can read or copy it. If you want to ensure that doesn't happen, delete the data or copy it to somewhere that is safer.