These are the server-side entities that are exposed to the user. Just because the user-facing entities are deleted, doesn’t mean that the object has been wiped from OpenAI’s servers.
On the contrary, going back to the data controls page, OpenAI clearly states that they’re going to retain logs for 30 days for abuse monitoring. If setting store=False was enough to stop them from doing this, then malicious actors would simply set store=False in their API calls, which defeats the purpose of abuse monitoring.