Sounds logic :)

Render #html where the data lives.
If its stored on the backend in a database or cache, render HTML there and avoid sending potentially sensitive data to the client.
If state lives only on the client, render it there with plain old JS or your library of choice.