For security reasons, we avoid collecting credit card information and other sensitive data like date of birth, Social Security numbers, and driver’s license numbers (even when it's a truncated version of the number) via email messages. Our email is not encrypted, so we are not able to securely send the information that way.
The best solution we’ve found is to collect this information via a third-party webform or scheduling platform that you set up and maintain.
For HIPAA Compliant Customers: We are able to collect certain protected health information with our HIPAA compliant Ruby service. Details are available here.