Did you encrypt your address when it was sent the first time? It is not inconceivable that the vendor needs your address again, I would be wanted to know why I need to send it twice though. The only risk you are running really given you have already sent it once when you ordered is if the vendor has been compromised in some way. This is why it is a good idea to set yourself up with safe drop addresses that are not linked to you, gets rid of all the worry when ordering.