Thanks everyone for all the advice...
Speed, regarding your comment: "anyone storing credit cards on a shared server is completely insane. If those cards numbers are stolen then you are almost certainly going to be liable for any and all costs involved." Absolutely - this is why I am researching my options - I'm not doing anything unless it's completely secure. Sounds like there are a lot of ways for me to go wrong here though...

Shift4SMS, I will look into the tokenization a little more. This is not an ecommerce site, it's an html based site. The reason I want the credit card number sent to me securely is because we provide tourist accommodation and I get a lot of email enquiries. I respond to them and if we have rooms available, we need the guests credit card number to secure the booking. We don't charge them until they are physically on our premises and then we run it through our cc machine. At the moment we have to ask them to telephone us (some people do email the info, even though we tell them not to!).

We do have instant online booking with a third party provider and that works fine, they collect the cc info and any liability lies with them. We pay for that of course. So my query was to find out with our direct bookings if it was possible for me to get access to the cc number securely, I don't want to actually store it for any length of time. We have issues with Data Protection Act in my country that I have to follow anyway.

I often book hotels online for myself and obviously I have to put in my cc number, if I remember correctly they are charging my card right away. If you phone and give your cc number, they hold it until you check out usually.

So if the risks are too great I am not going to do down that road!
Thanks again everyone.