Eight Dutch holiday resorts have breached privacy legislation by using facial recognition technology to monitor who is using their playgrounds and swimming pools, the Dutch privacy authority said on Wednesday.

The AP did not name the individual resorts, citing legal reasons, but did say different companies are involved. Seven of the eight have now changed their way of working and the eighth has been given to the end of the year to comply or face a fine.

The investigation began after several holidaymakers contacted the agency to complain about the use of biometric details during their visits.

“Holidaymakers used to have a pass or a wristband to show they could use the pool, and suddenly they were being faced with facial recognition technology,” deputy chairwoman Monique Verdier said.

“This is extremely serious. You cannot put people under pressure to hand over their biometric data, and yet this is what happened.” The parks reportedly told visitors they would not be admitted unless they agreed to do so.