Storing buyers information is against SR rules and should not be done under any circumstances. There has been however occasional cases where this has happened which is why you should only ever send identifiable information encrypted using PGP. This of course would not stop a vendor keeping your encrypted details stored somewhere but at least they could not be read by anyone else unless the vendor gave up their passwords etc. To ensure the maximum level of safety you should try to only use anonymous drops that are in no way linked to you or people you know, that way there is no link between you and the vendor ever.