definitely
there's something about the nature of data where it's hard to confirm your information is deleted
probably many websites that do KYC keep the information stored for a long time
too bad
Who knows whether they delete the documents or not? But what if the security system is vulnerable to hacks then your sensitive information is already at risk of exposing by the scammers getting you in trouble so always maintain your privacy and trust the legit sources only.
The information must not be sold or exchange with anyone you don't trust in hope of earning few dollars at that time.
I believe most crypto-related project that requires KYC from their user partnership with private companies which are good in the business online data activities to take care of the KYC aspect.
But for data selection, I don't think that will happen because the possibility of KYC is to know a certain user and to be held responsible if done something against the law.