Well, that would be a question I'd be asking the host. (Technically if it's merely proxying between servers in a secure environment, then there's little risk of data being tampered with, but it's not guaranteed since it truly is not encrypted while being transmitted between hosting servers.)
You're right that it raises an alarm, and brings the hosting integrity into question.
If they can't give concrete proof that the data is secure in that scenario, I'd be double-questioning the service.



