Privacy Act 1988
PART IIIA
-
CREDIT REPORTING
Division 4
-
Affected information recipients
Subdivision B
-
Dealing with regulated information
SECTION 22D
USE OR DISCLOSURE OF INFORMATION BY A RELATED BODY CORPORATE
Prohibition on use or disclosure
22D(1)
If:
(a) a body corporate holds or held credit eligibility information about an individual; and
(b) the information was disclosed to the body by a credit provider under paragraph 21G(3)(b) ;
Permitted use or disclosure
22D(2)
Subsection (1) does not apply to the use or disclosure of the information by the body corporate if the body would be permitted to use or disclose the information under section 21G if the body were the credit provider.
22D(3)
In determining whether the body corporate would be permitted to use or disclose the information under section 21G , assume that the body is whichever of the following is applicable:
(a) the credit provider that has provided the relevant credit to the individual;
(b) the credit provider to which the relevant application for credit was made by the individual.
Interaction with the Australian Privacy Principles
22D(4)
If the body corporate is an APP entity, Australian Privacy Principles 6, 7 and 8 do not apply to the body in relation to the information.
22D(5)
If:
(a) the body corporate is an APP entity; and
(b) the information is a government related identifier of the individual;
View history note
Hide history noteProhibition on use or disclosure
22D(1)
If:
(a) a body corporate holds or held credit eligibility information about an individual; and
(b) the information was disclosed to the body by a credit provider under paragraph 21G(3)(b) ;
the body must not use or disclose the information, or any personal information about the individual derived from that information.
Civil penalty: 1,000 penalty units.
Permitted use or disclosure
22D(2)
Subsection (1) does not apply to the use or disclosure of the information by the body corporate if the body would be permitted to use or disclose the information under section 21G if the body were the credit provider.
22D(3)
In determining whether the body corporate would be permitted to use or disclose the information under section 21G , assume that the body is whichever of the following is applicable:
(a) the credit provider that has provided the relevant credit to the individual;
(b) the credit provider to which the relevant application for credit was made by the individual.
Interaction with the Australian Privacy Principles
22D(4)
If the body corporate is an APP entity, Australian Privacy Principles 6, 7 and 8 do not apply to the body in relation to the information.
22D(5)
If:
(a) the body corporate is an APP entity; and
(b) the information is a government related identifier of the individual;
Australian Privacy Principle 9.2 does not apply to the body in relation to the information.
This information is provided by CCH Australia Limited Link opens in new window. View the disclaimer and notice of copyright.