(1) The Commissioner may issue a written certificate setting out the findings of fact upon which the Commissioner based his or her determination that:
(a) a specified APP entity had breached an Australian Privacy Principle; or
(b) a specified APP entity had breached a registered APP code that binds the entity.
(3) In any proceedings under section 55A, a certificate under subsection (1) of this section is prima facie evidence of the facts found by the Commissioner and set out in the certificate. However, the certificate is not prima facie evidence of a finding that:
(a) a specified APP entity had breached an Australian Privacy Principle; or
(b) a specified APP entity had breached a registered APP code that binds the entity.
(4) A document purporting to be a certificate under subsection (1) must, unless the contrary is established, be taken to be a certificate and to have been properly given.