DLA Piper writes:
Since the COVID-19 outbreak, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, “Dutch DPA”) had made it clear, on several occasions, that taking temperature tests (or otherwise processing health data) as a precautionary measure in light of COVID-19 is a strict “no go”. The position of the Dutch DPA was that most individuals, in particular employees and suppliers, are in a dependent position and therefore not able to freely consent to such temperature tests given the imbalance of power. The only exception was that health data can be processed by a (company) doctor.
However, recently the Dutch DPA adjusted its guidance on temperature testing (in the form of a Q&A) which could give room for companies to engage in such temperature testing.
Read more on Privacy Matters