Privacy Act 1988

PART IIIA - CREDIT REPORTING  

Division 3 - Credit providers  

Subdivision F - Access to, and correction of, information  

SECTION 21V   INDIVIDUAL MAY REQUEST THE CORRECTION OF CREDIT INFORMATION ETC.  


Request

21V(1)    
An individual may request a credit provider to correct personal information about the individual if:

(a)    the personal information is:


(i) credit information about the individual; or

(ii) CRB derived information about the individual; or

(iii) CP derived information about the individual; and

(b)    the provider holds at least one kind of the personal information referred to in paragraph (a).

Correction

21V(2)    
If the credit provider is satisfied that the personal information is inaccurate, out-of-date, incomplete, irrelevant or misleading, the provider must take such steps (if any) as are reasonable in the circumstances to correct the information within:

(a)    the period of 30 days that starts on the day on which the request is made; or

(b)    such longer period as the individual has agreed to in writing.

Consultation

21V(3)    
If the credit provider considers that the provider cannot be satisfied of the matter referred to in subsection (2) in relation to the personal information without consulting either or both of the following (the interested party ):

(a)    a credit reporting body that holds or held the information and that has an Australian link;

(b)    another credit provider that holds or held the information and that has an Australian link;

the provider must consult that interested party, or those interested parties, about the individual ' s request.


21V(4)    
The use or disclosure of personal information about the individual for the purposes of the consultation is taken, for the purposes of this Act, to be a use or disclosure that is authorised by this subsection.

No charge

21V(5)    
The credit provider must not charge the individual for the making of the request or for correcting the information.

Interaction with the Australian Privacy Principles

21V(6)    
If a credit provider is an APP entity, Australian Privacy Principle 13:

(a)    applies to the provider in relation to personal information referred to in paragraph (1)(a) that is identification information; but

(b)    does not apply to the provider in relation to any other kind of personal information referred to in that paragraph.

Note:

Identification information may be corrected under this section or Australian Privacy Principle 13.



Exemption for certain non-participating credit providers

21V(7)    


This section does not apply to a non-participating credit provider.



This information is provided by CCH Australia Limited Link opens in new window. View the disclaimer and notice of copyright.