Where do iOS and iPadOS apps, when installed from the App Store on MacOS, store their data when iCloud Drive is not enabled?
Is this data encrypted at rest? Is it accessible to other processes outside of the application's sandbox?
iOS apps, when installed on macOS, get their own folder in ~/Library/Containers based on the app's bundle id. The folder structure within ~/Library/Containers/<bundle id> is very similar to the structure an iOS app has on an iOS device. None of this is encrypted.
On macOS, like on iOS, iOS apps are sandboxed and prevented from reading any files outside of their own sandbox. If the iOS app is made into a macOS app using Mac Catalyst then the app may be granted additional access to things like the user's Downloads folder but are otherwise stuck in the same sandbox.
Many native macOS app are also sandboxed and have the same restrictions as apps written with Mac Catalyst.
However, some native macOS apps can be given full disk access allowing them to read any files on the computer. This includes access to a user's iCloud Drive which can be seen as a regular folder on the user's computer.
tl;dr - Is it accessible to other processes outside of the application's sandbox? Yes, possibly by some native macOS apps with full disk access but not by other iOS apps or any sandboxed macOS apps.