Woah, I couldn't ever envisage ever trusting a "security company" that not only encouraged you to disclose your private key, but also provided a form for doing it over a non encrypted connection!

My personal opinion is don't use these guys; this is either a school boy error/complete incompetence or totally dubious.