University vending machine error reveals use of secret facial recognition | A malfunctioning vending machine at a Canadian university has inadvertently revealed that a number of them have been usin…::Snack dispenser at University of Waterloo shows facial recognition message on screen despite no prior indication
I said collecting, as in taking photo/video closeup of faces and eyes. Whether they are storing and cataloguing against individual profiles is another question, and must be checked against how GDPR requirements are actually written about personal data being processed.
“We’re GDPR compliant” means absolutely nothing coming from a company’s PR response to this sort of event.
Consent is a requirement for GDPR compliance. They are likely taking an image from the camera, extracting semantic attributes from the image, and then discarding the image. The length of time the individual is standing there making the purchase is likely longer than the image is stored in memory while extracting the attributes.
I bet there is no button “consent to biometrics collection”