Even if we did have server side code...
First, the way our solution works we would end up pulling those variables into the DOM so that all tags have the ability to access the data.
Second, the calls made to the tag vendors still come straight from the browser so any user with developer tools viewing the network log could easily see the data being sent to those tag vendors.
I'm not familiar with your implementation and the type of data that needs to be secured. Please know though that we have worked with many clients in regard to sensitive data and have figured out a way to handle each situation. Your best bet would be to talk to your Solutions Engineer to determine how to handle your unique needs.
Hopefully this sheds some light, but please let me know if you need any more clarification or this didn't properly answer your question.