The data was found as part of a Information Commissioner’s Office investigation into how many second hand hard drives still contain personal information.
Safe & Secure believed it had wiped client information from the hard drives before donating them with other surplus office supplies to charities and local youth organisations.
However forensic scouring of the 200 hard drives, 20 memory sticks and 10 mobile phones the ICO bought from auction sites such as eBay and computer fairs revealed a range of personal information.
Computer forensic firm NCC Group found 48% of the devices still contained some information, 11% of which was deemed personal information including scanned bank statements, passports, information on previous driving offences and some medical details.
A Safe & Secure spokesman said it would now implement more forensic methods of data removal for any hard drives donated to charity.
He added: “A hard drive was indeed found by the ICO watchdog in early 2011 and it did contain some personal customer information.
“Our data controller subsequently cooperated fully with the ICO and agreed to undertake some improved process which included forensically wiping hard drives before disposal.
“It was not considered appropriate by the ICO to take any formal enhancement action against Safe & Secure.
“I would subsequently urge all individuals and companies using computers to familiarize themselves with data protection requirements, ensure hard drives or media devices are completely destroyed and keep a record of how/when hard drives are decommissioned.”