Application of this Division to credit providers
(1) This Division applies to a credit provider in relation to the following:
(b) credit eligibility information;
(c) CRB derived information.
(2) If the credit provider is an APP entity, this Division may apply to the provider in relation to information referred to in subsection (1) in addition to, or instead of, the Australian Privacy Principles.