Personal data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as facial images or fingerprints. The definition of biometric data is found in art. 4 (14) GDPR.
The processing of biometric data generally produces higher risks to the freedoms and rights of the individual. As a result, the processing of biometric data for the purpose of uniquely identifying a natural person is prohibited according to art. 9 (1) GDPR. However, there are some exceptions to the prohibition in art. 9 (2) GDPR.
In need of GDPR-support from a law firm?
Get support to prepare you and your business for an audit from the DPA.
Read more about the business law firm Sharp Cookie Advisors