General Data Protection Regulation

GENERAL DATA PROTECTION REGULATION (GDPR)
 
Collection of your personal data when completing and submitting a Schengen visa application, such as taking a photograph or fingerprints, is mandatory in order to have your application considered. Failure to comply with the above will result in the refusal of your Schengen visa application.
 
The competent and responsible state authorities of the Republic of Croatia for the processing of personal data in the Visa Information System (VIS) are:

• Ministry of Foreign and European Affairs of the Republic of Croatia  

Address: Trg Nikole Šubića Zrinskog 7-8, 10 000 Zagreb
Website: https://mvep.gov.hr
Website: https://mvep.gov.hr/informacije-konzularni-portal/244593
 

• Ministry of the Interior of the Republic of Croatia 

Address: Ulica grada Vukovara 33, 10 000 Zagreb
Website: www.mup.gov.hr 
Website: https://mup.gov.hr/zastita-osobnih-podataka-222/222
 
The legal basis for collecting and processing personal data is defined by Regulation (EC) No 767/2008 concerning the visa information System (VIS); Regulation (EC) No 810/2009 establishing a community Code on Visas (Visa Code); and Council Decision 2008/633/JHA concerning access for consultation of the Visa Information System (VIS) by designated authorities of Member States.
Your personal data will only be submitted to the competent authorities of EU Member States, which may process your data only for the intended purpose, such as deciding on your visa application.
 
All information, as well as decisions when submitting your application for annulment, revocation or extension of an issued visa, will be entered and stored in the Visa Information System (VIS) for a maximum of five years. During that time it will be accessible to visa authorities, authorities responsible for carrying out visa checks at external borders, authorities within the EU Member States, immigration authorities, and asylum authorities in the EU Member States, for the purpose of verifying whether all conditions for your lawful entry, stay and residence on the territory of the Republic of Croatia or other EU Member States have been met, and for identifying or establishing persons who no longer meet the above conditions or for reviewing asylum applications.
 
Exclusively, and only under specific conditions, your personal data will be accessible to EU Member States’ authorities and to the European Union Agency for Law Enforcement Cooperation (EUROPOL), for the purpose of preventing and detecting terrorist offences or other serious criminal offences.
Your personal data may also be transferred to third countries or international organisations, solely for the purpose of proving the identity of third-country nationals. Such transfer of data may also be carried out only under specific conditions.
 
Pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and Regulation (EC) No 767/2008 of the European Parliament and of the Council concerning the Visa Information System (VIS) and the exchange of data between Member States on short-stay visas, you have the right to access your personal data, including a copy of it, as well as information on which EU Member State has entered the data in the VIS. You also have the right to have your inaccurate or incomplete personal data rectified or completed, to have the processing of your personal data restricted, or to have unlawfully processed personal data erased.
 
Personal Data Protection Officer (DPO) contact:

• Ministry of Foreign and European Affairs of the Republic of Croatia

Email: SzZOP@mvep.hr
Address: Trg N. Š. Zrinskog 7-8, 1000 Zagreb, Croatia
Website: https://mvep.gov.hr/informacije-za-gradjane-244593/pristup-informacijama/sluzbenik-za-zastitu-osobnih-podataka/22903
Website: https://mvep.gov.hr/konzularne-informacije-22730/22730
 
Request for access, rectification or erasure of personal data processed in the Visa Information System (VIS):

• link: https://mvep.gov.hr/UserDocsImages/2024/datoteke/Request-for-access-to-personal-data-hvis-vis-1.pdf

For any information on the above conditions or the manner in which they are fulfilled, you may directly contact the competent authority in the Republic of Croatia responsible for the processing of personal data, the Croatian Personal Data Protection Agency (AZOP).
Also, if you believe that your personal data is being processed unlawfully and you are not satisfied with the response of any of the competent authorities in the Republic of Croatia, you have the right to file a complaint at any time with the competent national authority for personal data protection of any Member State of the European Union, in particular the Member State you consider responsible.
 
National authority competent for personal data protection in the Republic of Croatia:

• Croatian Personal Data Protection Agency - AZOP

Address: Ulica Metela Ožegovića 16 HR - 10 000 Zagreb
Phone: 00385 (0)1 4609-000;
Fax: 00385 (0)1 4609-099
Email: azop@azop.hr
Website: http://www.azop.hr
 
An appeal against the decision of the Croatian Personal Data Protection Agency (AZOP) is not
admissible, but an administrative dispute may be initiated before the competent administrative court:

• Administrative Court in Zagreb

Address: Avenija Dubrovnik 6, 10020 Zagreb
Phone: 00385 (0)1 6011-326, 00385 (0)1 6011-336
Fax: 00385 (0)1 6011-300
Email: kontakt@uszg.pravosudje.hr
Website: https://sudovi.hr/hr/uszg