>The Spanish privacy regulator (hereinafter: AEPD) recently imposed a fine of €950,000 on age verification service YOTI
>For the unlawful processing of biometric personal data in violation of Article 9 of the GDPR, YOTI was fined €500,000. In addition, a fine of €200,000 was imposed for obtaining invalid consent in violation of Article 7 of the GDPR. Finally, the company was fined €250,000 for exceeding retention periods in violation of Article 5 of the GDPR
The lesson is you gotta incorporate your crimes. If you kill a person you face life in prison. If you are a decision maker at Boeing who lies to regulators and customers, committing fraud that killed hundreds of people [0], you receive a golden parachute instead!
Someone using their phone while driving in the UK will almost certainly be charged £200. They'll only receive the maximum £1000 charge in extreme circumstances.
Oh, this gave me an idea. OP should be able to get a hold of this „report” by subject access request. Law enforcement exception to GDPR doesn't apply to private companies.
>The Spanish privacy regulator (hereinafter: AEPD) recently imposed a fine of €950,000 on age verification service YOTI
>For the unlawful processing of biometric personal data in violation of Article 9 of the GDPR, YOTI was fined €500,000. In addition, a fine of €200,000 was imposed for obtaining invalid consent in violation of Article 7 of the GDPR. Finally, the company was fined €250,000 for exceeding retention periods in violation of Article 5 of the GDPR