Back to Cases
technologyfinance · 2022
CaixaBank S.A.
The AEPD fined CaixaBank €6 million for processing the biometric data of employees using a fingerprint access control system without adequate legal basis. The fine was later reduced to €3 million following voluntary payment and acknowledgement of responsibility.
Fine Imposed€6M
Authority
AEPD
Regulation
Key Takeaways
- Employee biometric data is special category data requiring explicit consent or specific legal basis.