Published: 20.08.2024.

Basic information on SIS

 

  • The Schengen Information System (SIS) is the most widely used and largest information sharing system for security and border management in Europe. As there are no internal borders between Schengen countries in Europe, SIS compensates for border controls and is the most successful cooperation tool for border, immigration, police, customs and judicial authorities in the EU and the Schengen associated countries. Competent national authorities (including the State Border Guard) are able to enter and consult alerts on people and objects in one common database.
  • The country entering the alert and related data in SIS is the “data owner”. This means that only this country is allowed or able to update and delete the alert.
  • In 2013, the second generation SIS (SIS II) was rolled out, with additional functionalities, such as the possibility of adding fingerprints and photographs to alerts. Since March 2023, DNA profiles of persons declared lost or their parents, grandparents or brothers and sisters have been stored in SIS in order to confirm their identity.
  • Information Centre of the Ministry of the Interior performs the functions of the system manager in relation to the SIS National Unit. It shall ensure the technical functioning of the NSIS and shall monitor compliance with the technical requirements laid down in the laws and regulations governing the functioning of the SIS.

 

SIS legal framework

 

  • Regulation (EU) 2018/1860 on the use of the Schengen information system for the return of illegally staying third-country nationals;
  • Regulation (EU) 2018/1861 on the establishment, operation and use of the Schengen information system (SIS) in the field of border checks;
  • Regulation (EU) 2018/1862 on the establishment, operation and use of the Schengen information system (SIS) in police cooperation and judicial cooperation in criminal matters.

 

In the Republic of Latvia, the procedures for the maintenance and use of SIS shall be determined by:

  • Law on the Operation of the Schengen Information System (adopted on 14.6.2007)
  • Procedures for the Entering, Correction and Deletion of Alerts in the Schengen Information System, as well as Ensuring Accessibility of Supplementary Information between the SIRENE Latvia Bureau and Procedures for the Exchange of Supplementary Information of Institutions and Authorities (Cabinet Regulation No. 639 of 18.09.2007);
  • Procedures for the Request and Issue of Information Regarding a Data Subject that is Kept in the Schengen Information System and the SIRENE Information System (Cabinet Regulation No. 622 of 11.09.2007).

 

Operational objectives of SIS and purposes of processing of personal data

 

  • ensuring the security of the Schengen area without carrying out checks at internal borders;
  • strengthening public order and Schengen area on national territory;
  • contribute to the fight against terrorism, cross-border crime and illegal migration;
  • serve as a cooperation tool for border, immigration, police, customs and judicial authorities in the EU and Schengen associated countries;
  • searching for criminals, missing persons, third-country nationals who are denied access to Schengen countries, persons who need to know their actual place of residence, persons and objects of operational interest for judicial purposes, as well as identifying offenders on the basis of fingerprints and fingerprints;
  • prevent the abduction or disappearance of persons, including children, to protect vulnerable persons (adults or children) from illegal removals abroad.

 

Data subjects

(persons, covered by alert messages in SIS)

 

  • third-country nationals subject to return decisions;
  • third-country nationals who do not have the right to enter or stay in the Schengen area;
  • persons wanted for arrest;
  • missing persons;
  • vulnerable persons whose travel must not be allowed;
  • children who could be abducted by their parents, relatives or guardians;
  • persons sought to assist in judicial proceedings (e.g. witnesses to criminal proceedings);
  • persons and objects subject to discreet, investigative or special checks:
  • unknown persons wanted (fingerprints and palm marks discovered at the scene of terrorist offences or other serious crimes);

 

Categories of data

 

  • identification of the wanted persons (at least given name and surname; year of birth);
  • photographs of the wanted persons *;
  • fingerprints and/or palm prints of the wanted person *;
  • information on the objects related to the person sought, such as the vehicle used by the person sought;
  • a description or a copy of the identification document of the wanted persons;
  • dactyloscopic data (fingerprints and/or palm marks *) detected at crime scenes;
  • DNA profile of the wanted person or of the members of his family * (only in the case of missing persons to be protected);
  • the European arrest warrant (EAW) (if a person is wanted for arrest);
  • the data on victims of identity theft.

 

Other data entered in SIS alerts:

  • a reference to the decision on which the alert is based;
  • the action to be taken.

 

* Biometric data allows to ascertain the identity and to avoid misidentification.

 

Access to SIS data

 

The authorities specified in Section 14 of the Law on the Operation of the Schengen Information System, including the State Border Guard, shall have access to the information included in the system in accordance with the competence specified in the regulatory enactments regulating the operation of the SIS.

 

 

 

Retention period for SIS data

Data recorded in SIS may only be stored in the system for as long as is necessary to achieve the purpose of the alert. Once the purpose of the alert is achieved, the data is deleted immediately.

More details on the storage of SIS data you can find on the website of European Commission:

https://home-affairs.ec.europa.eu/policies/schengen-borders-and-visa/schengen-information-system/questions-and-answers_en

 

Rights of data subjects in relation to SIS:

  • the right to access personal data stored in SIS;
  • the right to correct inaccurate personal data or have unlawfully stored personal data be erased;
  • the right to bring proceedings before the courts or competent authorities to correct or erase personal data or to obtain compensation for any damages resulting from breaches of data protection law.

How to enforce rights?

 

The data subject may exercise the right of access and receive information regarding the right to rectification and deletion of data by submitting a written request signed in person or with a secure electronic signature:

  • to the State Police (SIRENE Latvia National Unit[1], Riga, Čiekurkalna line 1, 4, telephone + 371 67219053, e-mail: ssp@vp.gov.lv),
  • or according to his or her place of residence in a police unit,
  • or in diplomatic missions of the Republic of Latvia.

Contact details of diplomatic or consular missions of the Republic of Latvia are available at: https://www.mfa.gov.lv/en 

 

A written request shall specify:

  • information regarding the submitter: given name (names), surname, date of birth, personal identity number (if any), place of birth, nationality, type, number of the personal identification document (if any), name of the issuing authority, date of issue and term of validity;
  • the amount of information to be requested (information regarding the data subject, information regarding the recipients of personal data of the data subject);
  • type of receipt of information (by visiting the State Police institution or representation in person or sending information to the indicated address);

When submitting an on-site request, the data subject shall prove his or her identity by presenting a personal identification document. If an authorized person submits the request, they present a notarized authorization confirming the right to receive information regarding the data subject or a document confirming the rights of parents, adopters, guardians or trustees.

 

Receiving of information is free of charge. The response time may be a maximum 1 month.

 

Persons may make requests in Latvian and English. Model requests are available on the official website of the State Police: https://www.vp.gov.lv/lv/sengenas-informacijas-sistema

 

If the reply provided by SIRENE Latvia National Unit of the State Police refuses to provide information or refuses to correct or delete data, the data subject has the right to submit a complaint to the national supervisory authority of the Member State. Persons may make applications to the Data State Inspectorate in Latvian and English.

Contact details: Data State Inspectorate

dvi.gov.lv

Email pasts@dvi.gov.lv

Address: Elijas Street 17, Riga, Latvia, LV-1050

 

Additional information and sample complaints (in Latvian and English languages) are available on the official website of the Data State Inspectorate: https://www.dvi.gov.lv/en/schengen-information-system

 

 

[1]SIRENE Latvia National Unit:

  • ensure the exchange of information between the law enforcement authorities of the Member States on persons or objects for which a report is included in the Schengen Information System;
  • ensure the promulgation of wanted criminals in international search systems;
  • ensure the quality and legal soundness of the messages to be included in SIS — compliance with the requirements of the Schengen acquis;
  • co-ordinate the search activities of foreign law enforcement institutions for criminals and missing persons in Latvia.
  • is the only authority in a country empowered to examine applications by natural persons and to respond to the maintenance of the applicant's data in the SIS and SIRENE information system (a data processing system in which additional information is processed and by which warning messages are processed).

 

Basic VIS information

  • The Visa information system (VIS) is intended for the exchange of data between Schengen Member States on short-stay visa applications and related decisions. The VIS shall contain information, including biometric data, on third-country nationals applying for a Schengen visa;
  • Visa applications and issued, refused, extended, annulled and revoked visas of the competent authorities of Latvia shall be registered in the national Visa information system (NVIS);
  • Personal data, together with biometric data submitted with the visa application, shall be processed and stored in the central VIS system.

Legal framework for VIS

  • Council Decision establishing the Visa information system (VIS) 2004/512/EC;
  • Regulation 767/2008 of the European Parliament and of the Council concerning the Visa information system (VIS) and the exchange of data between Member States on short-stay visas (VIS Regulation);
  • Regulation (EC) No 810/2009 of the European Parliament and of the Council establishing a Community Code on visas (Visa Code).

In the Republic of Latvia the procedures for the use of VIS and NVIS shall be determined by Cabinet Regulation No. 676 of 30 August 2011, “Visa Regulations”, which have been issued in accordance with Section 3, Paragraph three, Section 12, Paragraph one, Clause 3, Section 13, paragraphs three and four of the Immigration Law.

Operational objectives of the VIS and purposes of the processing of personal data

  • examine visa applications and related decisions;
  • verify the identity of the visa holder and/or the validity of the visa by carrying out checks at the external borders and within the Member States;
  • verify that the conditions for legal entry into and residence on the territory of the Member States are met and identify persons who do not or no longer fulfil those conditions, including the identification of persons who do not hold or have fraudulent documents (in the fight against illegal immigration);
  • preventing “visa trade”;
  • prevent the use of false documents and attempts to provide false information;
  • protect travelers from identity theft;
  • allows the determination of the Member State responsible for examining an asylum application; facilitates the exchange of data between Schengen States on visa applications;
  • contribute to the prevention, detection and investigation of terrorist threats and other serious criminal offences.

Personal data stored in the VIS may be transferred to a third country or international organisation in accordance with Article 31 of the VIS Regulation and to Schengen Member States in accordance with Council Decision (EU) 2017/1908.

Data subjects

Persons whose data are processed in the VIS system.

Categories of data

  • alphanumeric data on the applicant, visas applied for, visas issued, visas refused;
  • visas annulled, revoked or extended;
  • photographs *;
  • fingerprint data *;
  • links to previous visa applications and application files of persons travelling together;
  • information about the inviter.

The scope of the information to be included in the NVIS is governed by Article 53 of the Visa Regulations.

* The use of biometric data to confirm the identity of the visa holder allows faster, more accurate and more secure checks to be carried out.

Responsible authorities for data processing

  1. Office of Citizenship and Migration Affairs (State Visa information system (NVIS) manager):

contact information: pmlp.gov.lv, email: pasts@pmlp.gov.lv

more information on https://www.pmlp.gov.lv/en/visas-and-invitations

  1. State Border Guard

Officials of the State Border Guard shall issue single uniform visas and visas with limited territorial validity at the border crossing points specified in Annex 1 to Cabinet Regulation No. 676 of 30 August 2011 “Visa Regulations”. The officials of the State Border Guard shall issue visas with the endorsement “Diplomatic Visa” or “Service Visa” only upon the request of the Consular Department.

contact information: rs.gov.lv, email: pasts@rs.gov.lv

Access to VIS data

  • Officials of the State Border Guard shall have the right of access to information when it is necessary to verify the identity of a person, to verify that a visa is genuine, or to verify that a person fulfils the requirements for entry and/or stay in one of the Schengen States.
  • Asylum authorities have access to information when they have to determine which EU/EEA country is responsible for examining an asylum application.
  • Other national authorities and Europol may request access to information in specific circumstances for the purposes of the prevention, detection and investigation of terrorist offences and serious criminal offences.

Period of storage of VIS data

Data shall be stored in the VIS for a maximum period of five years.

This period shall begin:

(a) the date on which the visa expires, if the visa has been issued;

(b) the date on which the new validity of the visa expires, if the visa has been extended;

(c) the date on which the application file was created in the VIS, where the application was withdrawn, closed or terminated;

(d) on the date of the decision of the visa authority, if the visa was refused, annulled or revoked.

Data subjects' rights in relation to the VIS:

  • the right to be informed of itself and of the Member State which transmitted the data to the VIS;
  • the right to receive information on the recipients of personal data, unless the disclosure of such information is prohibited by law in the field of national security, defence and criminal law;
  • the right to request that his or her personal data be supplemented or corrected, as well as to suspend the processing thereof or destroy them if the personal data are incomplete, obsolete, false, illegally acquired or they are no longer necessary for the purpose of collection;
  • the right to submit a complaint to the state supervisory authority or to file a lawsuit in court.

How to enforce rights?

The data subject may exercise the rights by addressing the NVIS manager:

Contact details: Office of Citizenship and Migration Affairs

pmlp.gov.lv

Email: pasts@pmlp.gov.lv

Where the data subject considers that his or her personal data are being processed contrary to the applicable law, the data subject shall first have the possibility to lodge a complaint with the data controller:

Contact details: Office of Citizenship and Migration Affairs

pmlp.gov.lv

Email: pasts@pmlp.gov.lv

If the data controller did not provide a satisfactory reply, the data subject shall have the possibility to lodge a complaint with the national supervisory authority of a Member State. Applications may be submitted to the Data State Inspectorate in Latvian and English.

Contact details: Data State Inspectorate

dvi.gov.lv

Email pasts@dvi.gov.lv

address: Elijas Street 17, Riga, Latvia, LV-1050

In accordance with Article 40(1) and (2) of the VIS Regulation, each data subject has the right to bring an action before the competent authorities or courts of the Member State concerned if the data subject considers that the Member State concerned has refused to exercise the right.