Once you have KYC verified yourself, you should assume that your information is stored on X Y Z servers for ever. I would never take the word of a company (regardless of how established they are) serious when they tell me that they have deleted most of the sensitive information they have about me.
Even if they did truly delete your data, who says they haven't been hacked? Or that an employee copied their database and use it to extort them at a later stage through a proxy? I rather be paranoid than too comfortable in times where crazy things are happening with people's information. Crypto as a whole is too immature and unprofessional to take serious.