OAuth tokens are stored in the odrive service layer encrypted (AES in CBC mode). This allows you to use multiple clients without having to re-authorize each system separately.
As the authorizing user, you have direct control over this information. The encrypted tokens are deleted when unlinking a source from odrive. They are rendered useless if odrive access is revoked on the storage source. In either case, odrive will no longer have the ability to access your previously linked account in any way.