externally hosted application - access to the private network

I am trying to establish (albeit from a layman’s low tech management standpoint – please bare this in mind in your responses) how one of our externally hosted IT applications works. I asked for a diagram of the infrastructure behind the application from the 3rd party, and all I have been told is there is just 1 server in the hosting companies private network. There are appropriate firewall rules between our private network and the 3rd party who host and manage the application.

My question is, is it common for such a setup for an externally hosted application – i.e. firewall rules that allow customer access directly into the private network to access the application, and also just a single server that houses both the application and the database? My view was normally you’d have a DMZ application server that we would access, and that would have appropriate firewalls to the database server in the private network? Which setup is more common? Have you ever come across a hosted app whereby your staff is allowed straight into the private network to access it? Aren’t the application code and the database server normally 2 different computers? I wasn’t sure if this sounded like a mistake in the infrastructure diagram – so wondered how common such a setup was?