Re: There is no breach
The bigger issue is allowing a retailer to store card details so you can cut 3 nanoseconds off placing your order or having to hunt for the last pocket/wallet you *think* you left the real card in.
I'm surprised a few retailers do have my credit card details ready despite not wanting them stored. Whether it's because the checkbox was well hidden or I checked when I meant not too (or t'other way round) I've no idea. But it would be good if GDPR could force them to make you go through a few more hoops if you really, really wanted this facility.