(1) Confidential information must not be disclosed by a primary recipient, or by any person obtaining the information directly or indirectly from a primary recipient, without the consent of -
(a) the person from whom the primary recipient obtained the information, and
(b) if different, the person to whom it relates.
(2) In this section "confidential information" means information which -
(a) relates to the business or other affairs of any person,
(b) was received by the primary recipient for the purposes of, or in the discharge of, any functions of the Payment Systems Regulator under this Part, and
(c) is not prevented from being confidential information by subsection (4).
(3) It is immaterial for the purposes of subsection (2) whether or not the information was received -
(a) as a result of a requirement to provide it imposed by or under any enactment;
(b) for other purposes as well as purposes mentioned in that subsection.
(4) Information is not confidential information if -
(a) it h
…