How to explain that a feature is only "partially" secure?

Background
I'm working on a mobile app for an institution that has a sharing functionality for documents that may contain private information. The user can send a document that exists in the app by email. The email content is only a link to a secure storage site hosting the document and is only active for a short period of time, after which the link expires. I need to explain to users that using this function is thus “semi-secure” and we can’t guaratee that no one else can access it (if someone has hacked the recipient’s email, for instance).

Current message copy

Sending by email: AppName hosts your document on a secure site and shares it by emailing a link to that document that expires after 12 hours for security reasons.

Questions

  1. I want the (mostly non-technical) users to be able to make an informed choice of whether to use the feature or not to send something private. How can I explain that the storage site is secure but that email is not secure?
  2. Should the message appear the first time the user wants to use the feature only?

(Also, any tips on how to get better at writing copy that isn’t clunky would be useful)