Data Protection
Yes, to the Central Statistics Office (CSO). The Statistics Act 1993 provides that the CSO may obtain information from public bodies including the Central Bank. Such transfers of information are also permitted under data protection law. A Data Protection Impact Assessment (DPIA) was performed in advance of this transfer.
The CSO is Ireland's national statistical office and its purpose is to impartially collect, analyse and make available statistics about Ireland’s people, society and economy. More information is available at www.cso.ie.
Personal data held on the Central Credit Register includes your name, date of birth, address, gender, telephone number and personal public service number (PPSN). Your PPSN, Eircode and contact telephone number is not transferred to the CSO.
Credit data held on the Central Credit Register includes the loan type, such as mortgage, credit card, overdraft, personal loan, business loan, HP, PCP etc; the amount borrowed and the amount outstanding.
The Central Bank is the data controller for the Central Credit Register and the obligations of the General Data Protection Directive and Data Protection law apply.
The CSO is the data controller for the information when it is transferred and the obligations of the General Data Protection Directive and Data Protection law apply then to the CSO.
The CSO will use the information for statistical purposes and reporting only. No details that might be related to an identifiable person may be divulged to any other government department or body.
A Memorandum of Understanding is in place between the Central Bank and the CSO regarding the governance and use of the data and is available on our Uses of CCR Data Page in the Publications area.
Your lender is responsible for the accuracy of the data that they send to the Central Credit Register. While it is in their possession, they are a data controller under Data Protection law.
The Central Credit Register relies on lenders to transfer data that is accurate, complete and up to date.
Once the data is received by the Central Credit Register the Central Bank of Ireland becomes the data controller.
We will respond within 20 days, and may extend the period to 40 days before getting back to you with a decision if we need to contact your lender or seek further information from you.
Follow the instructions in our factsheet 'how to request an amendment to my information' available on our publications page
Yes. The Credit Reporting Act 2013 and the Regulations provide the legal basis for the collection and processing of personal information, including PPSNs.
In addition, the Central Bank of Ireland consulted with the Office of the Data Protection Commissioner in advance of publishing the Regulations. The Central Bank of Ireland is also listed as a specified body in Schedule 5 of the Social Welfare Consolidation Act 2005 when carrying out its functions in relation to the Central Credit Register.
Each time you or a lender accesses your credit report, a footprint is created. A footprint is a record of the date, the lender name (or CIS enquiry if it's you), and the reason why that particular lender sought your credit report.
The footprint is shown at the end of the report for a period of five years after a lender last requested access.
A footprint looks like this:
| Credit Information Provider Name | Enquiry Date | Function | Purpose |
| ABC Bank | 12/08/2024 | New Credit Application | New Credit Application |
| DEF Bank | 01/03/2024 | Monitoring Enquiry | Restructure |
| GHI Finance | 10/12/2023 | Monitoring Enquiry | Breach of Terms |
| JKL Credit Union | 15/05/2023 | New Credit Application | New Credit Application |
Information submitted by your lender(s) each month is used to create a credit report which is stored on the Central Credit Register. This information will be released only when a lender or the borrower to whom the information relates requests access; if the borrower to whom the information relates, consents to the release of this information to another person;
as provided by the Credit Reporting Act 2013, the Data Protection Act 2018 or as required or permitted by law or any other applicable legislation.
The Central Bank may also transfer information to state agencies and law enforcement bodies when it is considered necessary and proportionate to do so.
The Central Credit Register supports the Central Bank’s obligations and functions, including consumer protection, supervising the financial sector and ensuring financial stability. The Central Bank may use any pseudonymised information held on the Central Credit Register in the performance of any of its functions.
For more information see our data protection statement.
No items found.