Commonwealth Consolidated Acts

[Index] [Table] [Search] [Search this Act] [Notes] [Noteup] [Previous] [Next] [Download] [Help]

PRIVACY ACT 1988 - SECT 21V

Individual may request the correction of credit information etc.

Request

  (1)   An individual may request a credit provider to correct personal information about the individual if:

  (a)   the personal information is:

  (i)   credit information about the individual; or

  (ii)   CRB derived information about the individual; or

  (iii)   CP derived information about the individual; and

  (b)   the provider holds at least one kind of the personal information referred to in paragraph   (a).

Correction

  (2)   If the credit provider is satisfied that the personal information is inaccurate, out - of - date, incomplete, irrelevant or misleading, the provider must take such steps (if any) as are reasonable in the circumstances to correct the information within:

  (a)   the period of 30 days that starts on the day on which the request is made; or

  (b)   such longer period as the individual has agreed to in writing.

Consultation

  (3)   If the credit provider considers that the provider cannot be satisfied of the matter referred to in subsection   (2) in relation to the personal information without consulting either or both of the following (the interested party ):

  (a)   a credit reporting body that holds or held the information and that has an Australian link;

  (b)   another credit provider that holds or held the information and that has an Australian link;

the provider must consult that interested party, or those interested parties, about the individual's request.

  (4)   The use or disclosure of personal information about the individual for the purposes of the consultation is taken, for the purposes of this Act, to be a use or disclosure that is authorised by this subsection.

No charge

  (5)   The credit provider must not charge the individual for the making of the request or for correcting the information.

Interaction with the Australian Privacy Principles

  (6)   If a credit provider is an APP entity, Australian Privacy Principle   13:

  (a)   applies to the provider in relation to personal information referred to in paragraph   (1)(a) that is identification information; but

  (b)   does not apply to the provider in relation to any other kind of personal information referred to in that paragraph.

Note:   Identification information may be corrected under this section or Australian Privacy Principle   13.

Exemption for certain non - participating credit providers

  (7)   This section does not apply to a non - participating credit provider.



AustLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback