/

/

/

/

/

Revised Laws of Saint Lucia (2023)

Back to Revised Laws of Saint Lucia (2023)

Back to Table of Contents

21. Data management and quality control

(1) A credit bureau shall —
1. (a) establish, implement and maintain protocols and procedures to ensure that the credit information registered in its database or otherwise processed by it is securely stored and complete and up-to-date at all times;
1. (b) implement strict quality control procedures to ensure the maximum possible accuracy and completeness of its database;
1. (c) take all such steps as are necessary to ensure that the data subject information that it processes is up-to-date, reliable, accurate and comprehensive;
1. (d) implement any other procedures necessary to ensure compliance with this Act;
1. (e) ensure that the measures, procedures, and steps taken under this subsection are fair, adequate, relevant, and reasonable; and
1. (f) ensure that the data subject information is disclosed only in accordance with a permissible purpose provided for under section 20.

(2) A credit bureau that contravenes subsection (1) commits an offence and is liable, on summary conviction, to a fine not less than $10 000 but not exceeding $100 000.

21. Data management and quality control

1. Short title and commencement

2. Interpretation

3. Powers, duties and functions of Central Bank

4. Requirement for licence

5. Application for licence

6. Evaluation of application

7. Grant of licence

8. Refusal to grant licence

9. Terms and conditions of licence

10. Display of licence

11. Restrictions on transfer of licence, etc.

12. Restrictions on employment of certain persons

13. Payment of fees

14. Material change in circumstances affecting credit bureau, etc.

15. Suspension and revocation of licence, etc.

16. Publication of grant of licences, etc.

17. Activities of credit bureau

18. Requirement for consent

19. Credit reports

20. Permissible purposes

22. Security and control measures

23. Data subjects' rights of access and correction

24. Duty to maintain records and credit information

25. Restrictions regarding disclosure of data subject information

26. Supplying false information prohibited

27. Credit information providers

28. Adverse actions against data subjects

29. Void agreements

30. Resolution of disputes and complaints

31. Cross-border data flow

32. Periodic returns

33. Information gathering powers

34. Inspections

35. Entry and search of premises

36. Order by Central Bank

37. Costs of inspections

38. Auditors and annual reports

39. Court order

40. Civil liability for negligent non-compliance

41. Appointment of Review Commission

42. Right to review

43. Review proceedings

44. Decisions of Review Commission

45. Appeals to High Court

46. Appeals to Court of Appeal

47. Agreements with other bodies, etc.

48. Confidentiality

49. Evidence regarding certificate of Central Bank

50. General offences and penalties

51. Fixed penalties

52. Offences by credit bureau or other entity

53. Defences in criminal proceedings

55. Protection of databases upon liquidation

56. Regulations

57. Amendment of Schedules