Salesforce Box Integration - Security for OWD settings and Profile Permissions?

We have a custom object with the organization-wide sharing rules for it set to Private. We have set up the Box integration to work with this custom object. We are wondering how the Box permissions would apply here. From the documentation, it says the below:

The user's Box permissions are determined by permissions in Salesforce:

• Read/Editaccess on Salesforce translates to an Editor role in Box.
• Read-onlyaccess on Salesforce translates to a Viewer role in Box.

Are these permissions just for profile-level access to objects, or is it for both profile AND record-level access (organization wide defaults, roles, and sharing rules)?

Also, if the Salesforce user does not have read access to the record – whether it be determined by the profile level and/or record-level access – is the Box folder hidden from them?