In short, if you care about your privacy, you'd better avoid shopping through an official store. This is worse than any KYC on any centralized exchange.
This made me want to check out Trezor's privacy policy, and it turns out they delete order data after 90 days at most. It still comes down to trusting a third party to handle your data correctly, or to even do what they claim they'll do, but at least they're a lot less vague with how long they keep your data:
Trezor:
We strictly uphold our responsibility to protect your data. Order data is scrubbed within 90 days to minimize risks to our customers, or earlier if requested. Please, do not worry; for more information, read our blog on how to protect your data.
Ledger:
In accordance with the storage limitation principle set forth under Applicable Laws, we endeavor retaining data for no longer than the time required to achieve and comply with such legitimate and legal purposes, including satisfying any legal, accounting, tax or other compliance reporting requirements.
We may archive some of your personal data, with restricted access, for an additional period of time when it is strictly necessary for us to comply with our legal and/or regulatory archiving obligations and for the applicable statute of limitation periods. At the end of this additional period, your remaining personal data will be permanently erased or anonymized from our systems.
This probably goes without saying, but maybe the best advice to give at this point would be to stay away from Ledger completely. I wouldn't even trust Trezor to be honest, but it's up to the individual to weigh the risk of letting others handle their information.