As others have said, there are a myriad of ways to serialize data. You can use something lightweight like SQLite or just plain serialization. Just realize that any attempts you make to encrypt the data can be defeated, especially in the case of Java code since it can be easily reversed.
However, if the bulk of your users are not technical enough to understand the complexities of reverse engineering a Java program to figure out how to decrypt your data, you should be able to get away with some basic encryption methods like what was mentioned in another answer and be good. Just realize that anytime anything resides on a machine you don't control, there is no way to keep the most persistent users from figuring out how to crack it.
I personally would suggest using sqlite and using some simple encryption on the data you put in the fields so if someone is smart enough to be able to connect to the local DB file, they still have to reverse your crypto algorithm in some manner. 99.9% of regular users won't bother with this level of investigation.