I can't say with 100% certainty, but I do believe the address is no longer accessible to anyone once the vendor marks the order in transit. If I understand things correctly, it's encrypted on the server (not the same thing as encrypting your address though) so there's no real risk of it being intercepted when you submit the order .... but I would definitely encourage you to encrypt your address (and any other sensitive information) BEFORE you send the order. That way, even if SR were compromised or your vendor's account were compromised, your information would remain safe / un-exposed.