This is not correct. By default, a second macOS account (regular or admin) will not have permissions to another user’s home directory. So trying to open the Documents or Pictures folder in the Finder will not work.
However with an admin account, anything in any account can be accessed very easily. For example, from the command line other user’s home directory permissions (by default set to limit access to only the user) can easily be reset to give access to the group. The default group for home directories is “staff”, which includes all other users. One command with sudo (which all admin users have the power to use) would give group members access.
Would be trivial to create a shell/perl/python script to traverse a directory tree, save a record of all permissions to a text file, change the permissions to give access, and afterwards change them back so things seemed normal.
Not to say Apple would do that, but if you have sensitive information that you really want protected, I’d either backup/delete it before sending it, or have it separately encrypted on disk. An encrypted zip archive or disk image would provide additional protection.
My understanding is that FileVault is whole disk encryption, so simplistically once a valid user is logged in, the entire disk can be accessed by the system. It is still a good thing and there is very little reason not to use it, especially on mobile computers.