5CM1.00.07
07
(1) For subsection 56EM(1) of the Act, a data holder that discloses CDR data to an accredited person as a result of a consumer data request must, as soon as practicable, update each consumer dashboard that relates to the request to indicate: (a) what CDR data was disclosed; and (b) when the CDR data was disclosed; and (c) the accredited data recipient, identified in accordance with any entry on the Register of Accredited Persons specified as being for that purpose. Note 1: For correction requests, see section 56EP of the Act (privacy safeguard 13) and Subdivision 7.2.5 of these rules. Note 2: If a consumer data request is made that relates to a joint account, the other joint account holder’s consumer dashboard may not be required to be similarly updated. See rule 4A.13. Note 3: See paragraph 1.15(3)(f). Note 4: See subrule 1.16(5) for how this rule applies where the CDR data is collected by an accredited person acting as a direct or indirect OSP to the accredited data recipient.
CDR Rule 7.9 | CDR Privacy Safeguard Guidelines: Privacy Safeguard 10
Consent Management (Data holder): Authorisations
12 August 2020 or earlier
09 April 2024