Credit Reporting Act 2013
|
Data protection | ||
|
| ||
19. (1) Nothing in this Act limits the operation of the Data Protection Acts 1988 and 2003. | ||
(2) Sections 2 , 4 and 6 of the Data Protection Act 1988 shall have effect as if— | ||
(a) references to personal data included relevant credit data, and | ||
(b) a person to whom this section applies were a living individual, | ||
and sections 9, 10, 12 and 24 to 31 of that Act apply accordingly. | ||
(3) In subsection (2) “relevant credit data” means information held on the Register which relates to a person to whom this section applies and which, if it were information relating to a living individual, would be personal data for the purposes of the Data Protection Acts 1988 and 2003 . | ||
(4) This section applies to any person with an annual turnover of not more than €3,000,000 (and to whom sections 2 , 4 and 6 of the Data Protection Act 1988 would not apply apart from this section). | ||
(5) The Bank may, with the consent of the Minister, make regulations specifying for the purposes of subsection (4) how, and by reference to what year, annual turnover is to be calculated. | ||
(6) The Bank shall notify the Data Protection Commissioner of any systemic problems identified by the Bank in relation to the obtaining, keeping, processing or use of information held on the Register. | ||
(7) The Bank shall take such action (which may include action in cooperation with the Data Protection Commissioner) as appears to the Bank to be appropriate to eliminate or minimise any such systemic problems. |