Of course, a untrusted proxy can do a mitm attack, getting access to all of your data. Even a trusted one! There are some famous cases as nokia https://gaurangkp.wordpress.com/2013/01/09/nokia-https-mitm/ or opera mini http://manurevah.com/blah/en/blog/Opera-Mini-MITM-attack

They say it is just for caching purposes (if the html data is encrypted they cannot serve cached images and so), but who knows what they do with your data as credit cards, etc.