So really the main issue is getting the information off the server as soon as possible, so if for some reason you were hacked, they only get 1 number, or none as youve already removed them. Do the credit card companies say you cant do this sort of thing? is it chiseled out in stone somewhere? I'm sure holding CC details on the server would be more secure then the office next door, where all some one has to do is brake a window(ok yeah just an example), take the reciepts. etc. Or just look over someones shoulder when they are making a payment somewhere.
D.