Visa Information System
Visa Information System
The Visa Information System (VIS) is established under Regulation 2008/767EC for the purpose of facilitating the visa application procedure, prevent visa shopping and fraud, and facilitate border checks as well as identity checks within the territory of the Member States and to contribute to the prevention of threats to the internal security of the Member States.
To this end, the VIS provides a central repository of data on all short-stay Schengen visa. This data can be accessed by authorities issuing visas such as consulates of Member States, by checkpoints at the Schengen border to verify the identity of visa holders, as well as for the purpose of identifying third-country nationals apprehended within the Schengen Area with fraudulent or without documents.
The VIS Regulation sets out which data shall be included in the database at the various stages of processing a visa.
Apart from data on the visa application (such as planned travel itinerary, inviting persons etc.) it also includes a photograph of the applicant and fingerprints.
Supervision over the national units is allocated to the DPAs in the respective Member State, while the central VIS is supervised by the EDPS.
For the purposes of coordinating supervision, the VIS Regulation provides that national DPAs and the EDPS both acting within their respective competences, shall:
a) exchange relevant information;
b) assist each other in carrying out audits and inspections;
c) examine difficulties of interpretation or application of this Regulation;
d) study problems with the exercise of independent supervision or with the exercise of the rights of data subjects; and
e) draw up harmonised proposals for joint solutions to any problems and promote awareness of data protection rights.
For such purposes, the VIS Supervision Coordination Group (VIS SCG) has been set up and meets twice a year. The VIS SCG is composed of representatives from the national DPAs and the EDPS.
What are your rights in relation to personal data processed in the VIS?
The VIS legal framework lays down the rights of individuals in relation to the personal data processed in the system and which could be exercised in accordance with the national law of the respective country. The citizen has the right to:
- request access to personal data relating to him/her which has been entered in the VIS;
- request the correction of factually inaccurate personal data relating to him/her or the deletion of his/her personal data in the case of unlawfully stored information;
- bring an action or complaint before the Courts or the authority competent under the national laws, where the rights of access, correction or deletion, are refused.
How to exercise your rights?
In Malta, any individual has the right to request access (click here to download model letter EN / MT), correction or deletion of his/her personal data (click here to download model letter EN / MT) by contacting directly the data controller which in this case is the authority responsible for the administration of the system at national level.
Such rights are exercisable by submitting a formal request to the following address:
The Data Protection Officer
Ministry of Foreign Affairs
Valletta, VLT 2000
Applicants should provide the following identification details in order to facilitate the responsible authority in dealing with the request:
- Name and surname of applicant;
- ID Card or Passport No;
- Visa No/Application No.;
- What particular details he/she would like to see.
In accordance with Maltese law, the request must be submitted in writing and signed by the data subject. The request must be made in Maltese or English. Refusal to these requests may occur if this is indispensable for the performance of a lawful task in connection with the data or for the protection of the rights and freedoms of third parties.
What is the role of the Information and Data Protection Commissioner in relation to your personal data processed in SIS?
The Information and Data Protection Commissioner is the national supervisory authority responsible to monitor the lawfulness of data processing carried out by national authorities within the VIS. For this purpose, the Commissioner is empowered to have access and inspect any personal data processed by national authorities in connection with VIS.
In the eventuality that a request for access, correction or deletion, is refused, the individual may seek assistance and advice from the Information and Data Protection Commissioner.
In considering the case, the Commissioner will assess whether the refusal was reasonable and in accordance with the relevant legal framework.