Data Protection

Capita Business Support Services Ireland Limited were awarded a 10 year contract in December 2013 to develop and implement the National Postcode System, on behalf of the State. The contract covers the design of the Eircode, encoding public sector databases, accessing the GeoDirectory database, the launch and implementation of Eircode and the on-going management of the system for the licence period. Capita do not hold any personal data on the Eircode database or Eircode Finder. It includes business names, which in some cases can refer to an individual, particularly for small businesses or sole traders. The Eircode database is based on information received from An Post GeoDirectory.

As part of the implementation process an address matching exercise was carried out on public sector databases. The purpose of this exercise was to populate key government databases with postcodes prior to launch. Approximately 80 million records were encoded, none of which contained personal data.

Earlier this year I introduced a short piece of legislation to clarify the position in respect of Eircodes and data protection issues. The Communications Regulation (Postal Services) Amendment Act 2015 provides protection for specified legitimate postcode activities to be carried out. The exercise of these activities is fundamental to the establishment and implementation of the postcode project. An example of a legitimate postcode activity would be the creation or management, by the postcode contractor, of a postcode database providing that the database only includes the fields containing the postcode, geo-coordinate, address or a variation of address, and even then only in certain limited circumstances.