Particle.news
Download on the App Store
3 ARTICLES
·
last mo.

Supera Gyms Fined €96,000 for Unlawful Facial-Recognition Access

The AEPD imposed the penalty after Sidecu SA acknowledged violating GDPR Article 9 to compel an overhaul of the chain’s facial-recognition access.

Imagen de archivo de un gimnasio.
Image
Image

Overview

  • The AEPD fined the Supera gym chain €96,000 for imposing facial recognition as the only entry method, reflecting a 40% reduction from the original €160,000 sanction.
  • Sidecu SA, headquartered in A Coruña and owner of Supera, admitted the GDPR breach and made a voluntary payment to secure the fine cut.
  • Facua-Consumidores en Acción filed its 2023 complaint after members at A Coruña and Oviedo locations reported being forced into biometric screening.
  • Spain’s data regulator identified three infringements of the RGPD, including illegal processing of special-category biometric data without explicit user consent.
  • Supera’s 30 centers nationwide must now revise access controls to obtain explicit member consent for biometric data or adopt alternative security measures.