An accredited data recipient must provide a consumer dashboard that will enable the consumer to see and manage their consents for the collection and use of their CDR data.

A data holder must also provide a dashboard that will enable the consumer to manage and see their authorisations for the disclosure of their CDR data.

These dashboards must be an online service and can be built into existing online banking or mobile apps.

The consumer dashboard provided by the data holder must allow the consumer to withdraw authorisations to disclose CDR data at any time. This functionality must:

  • be simple and straightforward to use
  • be prominently displayed
  • be no more complicated than the process for giving the authorisation to disclose the CDR data, and
  • display a message relating to the consequence of the withdrawal.

The consumer dashboard provided by an accredited data recipient must allow the consumer to:

  • withdraw consent to collect and use CDR data
  • elect that redundant data be deleted at any time, and
  • withdraw any such elections for the deletion of redundant data.

This functionality must be simple and straightforward to use and prominently displayed.

For more information on the consumer dashboard see Chapter B of the CDR Privacy Safeguard Guidelines and the Guide to privacy for data holders.

Was this page helpful?

Thank you.

If you would like to provide more feedback, please email us at websitefeedback@oaic.gov.au