Schengen border control

When is data collected on border crossing?

As a result of the Schengen Agreement (14 June 1985) and Convention (19 June 1990), the Schengen countries created joint visa area and also increased cooperation.

One of the principles pervading the Schengen is the freedom of movement of individuals. As a result, no border checks take place on the internal Schengen borders – border checks only take place on the external borders of the Schengen area. In addition, some foreigners are requested to present visa for entering the Schengen area.

More information or explanations can be found

• on history and principles of the Schengen area, and information systems used, on the webpage of European Commission
• on crossing borders on our webpage
• on visa, visa-free travel and application for a Schengen visa on webpage of Ministry of Foreign Affairs
• on long-stay (category D) visa and application for this visa, and extending period of stay on our webpage

Schengen Information System

One of the measures which contributes to ensuring public order, public security and free movement of individuals in Schengen is the Schengen Information System (SIS). It is a common database for competent border guard, migration, police, customs, national security and judicial authorities, who enter or search alerts in SIS. An alert shall contain data the collection and exchange of which will help to locate persons and objects who pose or may pose a threat to security within the territory of the member states.

Estonian data in Schengen Information System

In Estonia, the Police and Border Guard Board is responsible for the domestic part of SIS. Data is also entered into the SIS through the Police and Border Guard Board, for which the national SIS register is created. In addition to data entered by us, we have access to data entered by other member states.

Likely, there is no data related to you in the SIS, if you have not committed any offence nor violated the rules for stay in the Schengen area (please see in detail on our webpage Questions about crossing the border, including on legal grounds for arriving and staying in the country).

Your data in Schengen Information System

Regardless of which citizenship you hold, you have the right for confirmation as to whether or not your personal data is being processed in SIS, and, access to personal data and information on processing of this data. There is also the right to request the correction of inaccurate data concerning oneself and entered into the information system or, deletion of data, if you find that there is no (no longer) legal basis for the use of personal data.

In Estonia, the person can access personal data entered into SIS by submitting a request by themselves or a legal representative to

• Police and Border Guard Board (e-mail ... or postal address Pärnu mnt 139, 15060, Tallinn. To send files securely, please encrypt them using the “Politsei- ja Piirivalveamet (PPA) 70008747” certificate, if possible) or
• Data Protection Inspectorate (e-mail ...).

If you know, concerning you, there may be a valid entry ban, that prohibits you from entering or staying in Estonian territory for a specified period, you can check the validity of the entry ban on webpage of Ministry of the Interior.

If you have been in contact with law enforcement authority of another member state, we recommend you to request access to data directly from this authority, without going through the Police and Border Guard Board. If you have submitted an application to us, but the data has been entered to the information system by another member state, we must in any case ask the opinion of the central authority responsible for the national part of the SIS of that country before issuing the data.

Your data in common European Union Visa Information System

In the Schengen area, the Visa Information System (VIS), which connects the consular authorities of the Schengen member states and the border crossing points at the external borders with a central database, helps to the implement the common visa policy and information exchange. In Estonia, the Police and Border Guard Board is responsible for the Visa Register through which the VIS is consulted by the competent authorities.

Everyone has the right for confirmation as to whether or not your personal data is being processed in VIS, and, access to personal data and information on processing of this data. There is also the right to request the correction of inaccurate data concerning oneself and entered into the information system or, deletion of data, if you find that there is no (no longer) legal basis for the use of personal data.

In Estonia, the person can access personal data entered into information system by submitting a request by themselves or a legal representative to

• Police and Border Guard Board (e-mail ... or postal address Pärnu mnt 139, 15060, Tallinn. To send files securely, please encrypt them using the “Politsei- ja Piirivalveamet (PPA) 70008747” certificate, if possible) or
• Data Protection Inspectorate (e-mail ...).

Also, the Ministry of Foreign Affairs and Internal Security Service may issue VIS data.

If you request data on Schengen (category C) visa, the Ministry of Foreign Affairs is competent authority to reply to you.

If your request is related to visa issued at the external border (category C), we can issue data from Visa Register or VIS.

If you request data on long-stay (category D) visa, we can issue data from Visa Register.

Request to Police and Border Guard Board on data in Schengen Information System or Visa Information System

The application must be signed manually or digitally. We accept Estonian digital ID or digital signatures of service providers on the European Union’s trusted list. If it is not possible to sign the application digitally, please contact the nearest police station, service office or border crossing point to submit the application. A copy of the identity document showing the person’s photograph may be attached to the application, but please do attach it to the application concerning the third-country national.

The application must indicate the person’s name, date of birth and other information that helps to identify the person whose data is requested and to resolve the application. For example, the authority which entered the data in question, the type of data, information on where and how the data owner became aware of the data in the SIS, or which data are being deleted or corrected.

Documents

• A sample application form for Schengen Information System
• A sample application form for Visa Register or Visa Information System

Application submitted in a language other than Estonian, English or Russian will be accepted as possible.

In addition to the submitted request, we may ask the applicant for additional information, as we must be certain of the identity of the person before personal data are issued. For example, we may find that a copy of an identity document does not establish with certainty that the applicant is the same person whose personal data are requested or whose personal data the applicant wishes to be corrected or erased.

We refuse to comply with the request or restrict issuing of personal data in justified cases only on the grounds provided by law, if, for example, examining of the data may:

• harm another person’s rights or freedoms
• jeopardize national security
• obstruct or damage prevention, detection, processing of offences or carrying out of punishment.

We will reply to you in Estonian or English in 30 days electronically, if you have submitted request electronically, and have not requested otherwise. If we are unable to respond within this period, we will inform you and extend the deadline for replying to 90 days.

Before replying, we will consult the Data Protection Inspectorate, if necessary. For example, if you have submitted an application to both the Police and Border Guard Board and the Data Protection Inspectorate at the same time.

If you are not satisfied with the response of the Police and Border Guard Board, you have the right to file an appeal with the Data Protection Inspectorate or to turn to the administrative court.

Data protection conditions

As the data controller, the Police and Border Guard Board must ensure, that the processing of personal data in the SIS and in the Visa Register complies with the requirements in force.

If you want more information on data protection conditions in the Police and Border Guard Board, you can see our website or contact Data Protection Officer Jenny Jakobson at ... or by calling +372 612 3680.

More detailed data protection requirements related to use of SIS data are specified in:

• Regulation (EU) 2018/1862 (police cooperation and judicial cooperation in criminal matters)
• Regulation (EU) 2018/1861 (border checks)
• Regulation (EU) 2018/1860 (return of illegally staying third-country nationals)
• Regulation of the Minister of Interior No 93 “Statute of the Maintenance of the National Register of the Schengen Information System” of 22 December 2009 (in Estonian).

More detailed data protection requirements related to use of VIS data are specified in:

• Regulation (EC) 767/2008 (VIS Regulation)
• Decision 2008/633/JHA
• Regulation (EU) 2021/1134
• Aliens Act
• Regulation of the Minister of Interior No 71 „Statute of Visa Register“ of 10 December 2015 (in Estonian).

Supervision

In Estonia, the Data Protection Inspectorate monitors the entry of data into the SIS and the use of data in the information system and the use of the VIS.