The Office of the Data Protection Commissioner has criticised the lack of notice given by Dublin City Council to its customers about the transfer of its waste collection service to Greyhound Recycling and Recovery.
But the Office found that the transfer of customer information from Dublin City Council to Greyhound did not breach Data Protection laws.
However, the Commissioner has asked the private waste company to make a number of undertakings about how they use the data they were given in order to carry out debt collection services on behalf of the council.
It says that so far only names, addresses and details about waivers were transferred to Greyhound.
The company has been asked to ensure that none of the staff who handle personal data in the context of debt collection have access to personal data in relation to the waste collection service and that these two databases be kept separate.
The Commissioner also asked for an audit process to be put in place and carried out by a third party within six months of Greyhound beginning their debt collection duties on behalf of the council.
The third party who will carry out the audit and the terms of the audit will be decided with the agreement of the Office and they will receive a copy of the report.
