Spanish hotel fined 1,500 euros for wanting to photocopy a guest’s ID card
International news
While the argument over the new 'big brother' visitor registration scheme rumbles on, the Spanish Data Protection Agency (AEPD) has fined a hotel in Cantabria, 1,500 euros for requiring a photocopy of a guest’s ID card as a requirement to complete their reservation. The traveller, when refusing to provide said copy, saw how their reservation was cancelled.
According to media reports the AEPD’s resolution, the establishment’s practice involves excessive processing of personal data, thus violating the principle of data minimisation contained in Article 5.1.c) of the General Data Protection Regulation (GDPR). This principle establishes that only data that is strictly necessary for the specific purpose of the processing may be collected.
The hotel has a voluntary online check-in process, but requires an image or photograph of the identity document in person to allow the stay. However, the AEPD concludes that this measure is not relevant or necessary to comply with the regulations on the registration of travellers, since the document can be shown without the need to be photocopied or stored.