A transaction signature is needed when sending a transaction to the network. Signed transaction confirms that the sender owns the private key associated with the address and, therefore, owns the funds. Anyone in the network can verify the transaction. It also means that when a transaction is made, it is necessary to unlock the outputs that are going to be used.
Every transaction signature is unique to that particular transaction because the private key and the original transaction data are used together. So if someone tries to use this digital signature in a different transaction, it will conflict with the transaction data in the memory of the digital signature. As a consequence, the nodes in the network will not accept it.
Private keys are generated locally on your Trezor device and never leave the device. Therefore all the transaction signings are performed solely in Trezor device.