Additional notification requirements for affected information recipients
If an affected information recipient is an APP entity, then the matters for the purposes of Australian Privacy Principle 5.1 include the following matters to the extent that the personal information referred to in that principle is regulated information of the recipient:
(a) that the policy (the credit reporting policy) of the recipient that is referred to in subsection 22A(3) contains information about how an individual may access the regulated information about the individual that is held by the recipient, and seek the correction of such information;
(b) that the credit reporting policy of the recipient contains information about how an individual may complain about a failure of the recipient to comply with this Division or the registered CR code if it binds the recipient; and
(c) that the credit reporting policy of the recipient contains information about how the recipient will deal with such a complaint.