We take credit card security seriously.
For this reason, we at Balsamiq never, ever have access to your full credit card information (more info.) We are able to see some details about the transaction for reference, such as the last four digits of your credit card number, but not your full card information or CVC (security code).
If you are purchasing a Balsamiq license (for our products Mockups 3 for Desktop, Wireframes for Confluence Server or Wireframes for Jira Server) from our website, you will be purchasing directly via Stripe. No credit card information passes or is stored on our servers.
In the past, we used a subscription management service called Pin Payments to collect and securely store card numbers. After switching to Stripe, all payments for new subscriptions (Balsamiq Cloud, Balsamiq Wireframes for Google Drive and myBalsamiq) are being collected by them. The card information of a small number of our subscribers is still stored securely in Pin Payments, but these are slowly being migrated over to Stripe.
If you have any additional concerns or questions, be sure to let us know!