What is the VIS?
The Visa Information System (VIS) is a system for the exchange of visa data between Schengen area States. The establishment of the VIS is a key element of the European Union's visa policy, aimed at creating an area of freedom, security and justice without internal borders.
In order to implement the VIS, consular posts and external border crossing points of the Schengen States are connected to the central VIS database. The VIS contains the biographical and biometric data of everyone applying for a visa.
The main objectives of the VIS are to facilitate visa application procedures, to facilitate checks at external borders and to strengthen security. The VIS also prevents so-called visa shopping and assists Member States in the fight against fraud.
What has changed in practice for visa applicants at consular posts and at the external borders of the Schengen area?
An applicant requesting a visa for the first time must appear in person for the collection of his or her biometric data: a photograph and ten fingerprints. However, for subsequent applications within five years, fingerprints from the VIS file can be re-used unless there is reasonable doubt regarding the applicant's identity.
When the visa holder arrives at the external border, the border authorities have access to the VIS to verify his identity and the authenticity of the visa. These procedures improve security in the Schengen Area.
However, certain categories of applicants are exempt from the requirement to give fingerprints, including:
- Children under the age of 12;
- Persons for whom fingerprinting is physically impossible;
- Heads of State or Government and members of a national Government with accompanying spouses, and the members of their official delegation when they are invited by the governments of Member States or by international organisations on official business;
- Sovereigns and other senior members of a royal family, when they are invited by the Governments of Member States or by international organisations on official business.
Data protection and access to the VIS
During the visa application process the personal data of the applicant are collected and entered into the VIS. These include the photograph of the applicant, his fingerprints (if applicable), and the personal data contained in the visa application form.
These data are transmitted to the competent authorities of the Member States and processed in order to take a decision on the visa application.
The personal data of the visa applicant, as well as data concerning the decision about his application or any decision to annul, revoke or extend a visa issued, are entered and stored in the VIS for a maximum period of five years. This period begins:
- On the expiry date of the visa, if a visa has been issued;
- On the new expiry date of the visa, if it has been extended;
- On the date of the creation of the application file in the VIS,
- On the date of the decision of the visa authority if a visa has been refused, annulled, or revoked
Access to the VIS for entering, amending, deleting and consulting data shall be reserved exclusively to the duly authorised staff of the competent Authorities. The VIS may in particular be consulted for the following purposes:
- Examining visa applications and decisions related to them
- Verifying the identity of the visa holder and/or the authenticity of the visa;
- Identifying persons who do not, or no longer, fulfil the conditions for entry, stay or residence in the territory of Member States;
- Determining the Member State responsible for examining an asylum application.
The Authorities to which access to the VIS is limited are:
- The Authorities responsible for issuing visas;
- The Authorities competent for carrying out checks on visas at external borders and within Member States;
- The Authorities competent for immigration and asylum in Member States.
Under certain conditions, access to VIS data may be requested by the European Police Office (Europol) and the designated authorities of Member States (in Italy, the Ministry of Interior and the Police authorities) for the purposes of prevention, detection and investigation of terrorist offences or other serious criminal offences.
The Italian Authority responsible for the treatment of data entered in the VIS is the Ministry of Foreign Affairs and International Cooperation (Piazzale della Farnesina 1, 00135 Roma, www.esteri.it).
The Italian national supervisory authority responsible for the protection of personal data, pursuant to Legislative Decree 196 of 30 June 2003, is the Garante per la Protezione dei dati personali (Regulatory Authority for the Protection of Personal Data) (Piazza di Montecitorio 121, 00186 Roma, www.garanteprivacy.it); email: email@example.com).
Exercise of the right of access, rectification or deletion of data in the VIS
The visa applicant has the right to obtain, in any Member State, the communication of his personal data recorded in the VIS and the indication of the Member State that transmitted them. Moreover, the applicant can request that inaccurate data relating to his person be corrected and unlawfully treated data be deleted.
The person concerned can exercise his/her right to access, rectify and delete the data relating to him/herself entered in the VIS, by directly contacting the head of the visa office that received the application (manager), which in turn will transmit the request to the Central Visa Unit – DGIT VI at the Ministry of Foreign Affairs and International Cooperation (controller).
In case the exercise of the above rights is either denied or unsatisfactorily met, the person concerned can take the case to court or lodge an appeal with the Garante per la Protezione dei Dati Personali in the following ways: http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4539625.
The person concerned can also contact the Garante to obtain more information on how to take action to safeguard his/her right to personal data protection.
- Application form for national Visa
Interministerial Decree 4516/495 of 6 October 2011 that allocates the powers within the Italian legal system between the Foreign Ministry and the Ministry of the Interior regarding the exchange of data between Member States on short-stay visas (VIS regulation) and access for consultation of the VIS by the designated authorities of Member States and by Europol for the purposes of prevention, detection and investigation of terrorist offences and of other serious crimes.
- Council Decision (EC) 2004/512 of 8 June 2004 establishing the Visa Information System (VIS).
- Regulation (EC) 767/2008 of the European Parliament and of the Council of 9 July 2008 concerning the VIS and the exchange of data between Member States on short-stay visas (VIS Regulation).
- Council Decision 2008/633/JHA of 23 June 2008 concerning access for consultation of the VIS by designated authorities of Member States and by Europol for the purposes of the prevention, detection and investigation of terrorist offences and of other serious criminal offences.
- Regulation (EC) 81/2009 of the European Parliament and of the Council of 14 January 2009 amending Regulation (EC) 562/2006 as regards the use of the Visa Information System (VIS) under the Schengen Borders Code.
- Commission Decision (EC) 2010/49 of 30 November 2009 determining the first regions for the start of operations of the Visa Information System (VIS).
- Regulation (EC) 810/2009 of the European Parliament and the Council of 13 July 2009 establishing a Community Code on Visas (Visa Code).
- Decree no. 4516/495 of 6 October 2011 containing “Regulation concerning the Visa Information System (VIS) for the exchange of data between Member States”
- Council Decision of 22 July 2013 fixing the date of effect of Decision 2008/633/JHA concerning access for consultation of the Visa Information System (VIS) by designated authorities of Member States and by Europol for the purposes of the prevention, detection and investigation of terrorist offences and of other serious criminal offences
- Codice in materia di protezione dei dati personali (d.lgs. 30 giugno 2003, n. 196)