VIS - Visa Information System
Visa Information System (VIS)
Pursuant to the legislation of the European Union and of the Republic of Croatia, every person has the right to:
- access information stored in the Visa Information System (VIS) relating to the person and the Member State which entered it into the system;
- request rectification of inaccurate or incorrect data;
- request erasure of unlawfully processed data;
- petition a court or the competent national authority for data protection in order to request rectification or erasure of inaccurate data or to claim compensation for damage.
The Member State must examine the request it has received and respond to it as soon as possible, at the latest 30 days from its receipt.
The request must contain all the data necessary for identifying the person or the data subject in question. If the request is addressed to the EU Member State that entered the data into the VIS and if it is established that the data is inaccurate or has been unlawfully entered, the EU Member State that made the data entry shall rectify or erase that data in the VIS without delay, at the latest one month from receiving the request.
The EU Member State shall notify the data subject in writing that it has duly taken all measures to rectify or erase the data relating to them.
If the request is addressed to a Member State that is not responsible, the authorities of the Member State to which the request was addressed shall contact the authorities of the Member State responsible within seven days and inform the data subject about the further procedure, specifically that the request has been forwarded to the Member State responsible.
If the Member State responsible does not agree with the claim that the data recorded in the VIS is factually inaccurate or that it has been unlawfully recorded, an administrative decision shall be adopted without delay whereby the data subject will be informed in writing of the reasons as to why the entered data will not be rectified or erased. The person concerned shall be provided with information explaining the possibility of challenging that decision and, where relevant, information on how to lodge a complaint or initiate proceedings before the competent authorities or courts, as well as information on any assistance available to that person, including assistance from the competent supervisory authorities.
The person in question will be informed of the possibility of lodging a complaint with a supervisory authority or seeking a judicial remedy.
Every person has the right to lodge a complaint with the competent authorities or courts of the Member State that has refused the right to access, rectify, supplement or erase data. The right to lodge a complaint also applies if no response is given to a request for access, rectification, supplementation, or erasure within the prescribed timeframe, or if the controller never processes the request.
The request shall be submitted to the authority conducting the procedure.
- MINISTRY OF FOREIGN AND EUROPEAN AFFAIRS
Website:
https://mvep.gov.hr/UserDocsImages/2024/datoteke/Request-for-access-to-personal-data-hvis-vis-1.pdf
Website:
https://mvep.gov.hr/konzularne-informacije-22730/22730
Email:
SzZOP@mvep.hr
National authority responsible for personal data protection in the Republic of Croatia:
- CROATIAN PERSONAL DATA PROTECTION AGENCY - (AZOP)
Address: Ulica Metela Ožegovića 16 HR - 10 000 Zagreb
Phone: 00385 (0)1 4609-00
Fax: 00385 (0)1 4609-099
Website:
http://www.azop.hr
Email:
azop@azop.hr
An appeal against the decision of the Agency is not admissible, but an administrative dispute may be initiated before the competent administrative court:
- ADMINISTRATIVE COURT IN ZAGREB
Address: Avenija Dubrovnik 6, 10020 Zagreb
Phone: 01/6011-326, 01/6011-336
Fax: 01/ 6011-300
Website:
https://sudovi.hr/hr/uszg
Email:
kontakt@uszg.pravosudje.hr
- ABOUT THE VISA INFORMATION SYSTEM
The EU’s common visa policy is an integral part of the Schengen area and one of the key tools for addressing security risks and the challenges of illegal migration in the Schengen area. Over the past years, the EU has developed IT systems for collecting, processing, and sharing information relevant to the management of external borders. The Visa Information System supports the implementation of the EU's common visa policy and is one of those tools.
The Visa Information System (VIS) enables the Schengen area countries to exchange data on visas with one another. It consists of a central IT system and a communication infrastructure that connects the central system to national systems. The VIS connects consulates in non-EU countries and all external border crossing points of the Schengen area countries. It processes data and decisions relating to applications for short-stay visas for visiting or transiting through the Schengen area, thereby facilitating border checks and the issuance of visas, combating various abuses, protecting travellers, increasing security, and assisting with asylum applications. For the purposes of identification and verification, the system can perform biometric matching of fingerprints and data.
Data in the Visa Information System (VIS) is entered by national authorities, which must ensure that use of the entered data is limited to what is necessary, appropriate, and proportionate for the performance of their tasks. National authorities, that is, the controllers of personal data processing, must ensure that when using the VIS, visa applicants and visa holders are not discriminated against and that their human dignity and integrity are respected.
Ten fingerprints and a digital photograph are collected from the data subject or persons applying for a visa. Such biometric data, together with the data specified in the visa application form, is recorded in the central database. Fingerprints from all ten fingers are not required for children under the age of 12 or for persons who are physically unable to provide fingerprints. Regular travellers to the Schengen area do not have to provide new fingerprints each time they apply for a new visa. Once the fingerprints have been stored in the VIS, they may be reused for subsequent visa applications for the following five years.
At the external borders of the Schengen area, the fingerprints of visa holders may be compared with those stored in the database. A mismatch does not mean that entry will automatically be refused - it will only lead to further checks on the identity of the traveller or the data subject.
In accordance with Regulation (EC) No 767/2008 of the European Parliament and of the Council of 9 July 2008 concerning the Visa Information System (VIS) and the exchange of data between Member States on short-stay visas (VIS Regulation), data is stored in the VIS database:
- upon lodging the application (Article 9);
- upon visa issuance (Article 10);
- upon discontinuing the examination of the visa application (Article 11);
- upon visa refusal (Article 12);
- upon visa revocation (Article 13);
- upon visa extension (Article 14).
The data stored in the database relates to:
- the identity of the authority examining the application;
- details (date, type of visa) relating to the application procedure itself;
- the name of the applicant;
- the purpose of travel;
- the duration of stay;
- photograph;
- fingerprints.
The stored data is kept in the system for up to five years. The data retention period begins on the date of expiry of the issued visa, the date of the negative decision, or the date of the decision to amend, revoke or extend the issued visa.
As a Schengen instrument, the Visa Information System applies to all Schengen countries.
Eu-LISA, or the European Union Agency responsible for large-scale IT systems, is in charge of the operational management of the VIS.
Access to VIS is limited only to authorised personnel when performing their tasks. It is important to ensure that the use of data from the VIS is limited only to what is necessary, appropriate, and proportionate.
The competent visa authorities may consult the VIS for the purpose of examining applications and decisions relating to the issue. The authorities responsible for carrying out checks at external borders and within national territories have access to search the VIS for the purpose of verifying the identity of the person, the authenticity of the visa, or whether the person meets the conditions for entry, stay, or residence within the national territories.
Asylum authorities have access to search the VIS solely for the purpose of determining the EU Member State responsible for examining an asylum application.
In certain cases, national authorities and Europol may request access to data entered in the Visa Information System (VIS) for the purposes of preventing, detecting, and investigating terrorist offences and criminal offences (Council Decision 2008/633/JHA of 23 June 2008).
