So for what other purpose do you need the personal information, when processing a free download?
When we started IndieCity we wanted to allow users to log in to the download client from anywhere and have access to their whole library. It wasn't a design decision taken with the Pi Store in mind as that wasn't even on the horizon when we started the service, but we still felt it would be a useful addition.
As the Pi Store is using IndieCity then it uses the same systems as IndieCity.
Besides that the currently policy already allows the disclosure of personal information to prospective buyer of assets, and users can be considered an asset.
These clauses are in the instance of IndieCity being sold, allowing a new owner to continue running the service.
Our legals were actually altered specifically for the Pi Store to allow us to share information with the Foundation, otherwise with our old terms we would not have been able to.