Prawo osób do informacji

The right of data subjects to information

CTA NITS – Central Technical Authority of the National IT System (CTA NITS) – is the administrator of the data processed by the NITS, in accordance with art. 10 of the Act of 24 August 2007 on the Participation of the Republic of Poland in the Schengen Information System (Journal of Laws in 2018, item 2162 as amended) – Act SIS and VIS.

Central Technical Authority of the National IT System (CTA NITS) - The Commander in Chief of the Police, in accordance with art. 2 p.3 Act SIS and VIS.

CTA NITS examines the applications of persons regarding processing of their personal data in the Schengen Information System (SIS) and Visa Information System (VIS).

I. Data administrator

ul. Puławska 148/150
02-624 Warsaw
phone secretariat: + 48 22 60 148 79, + 48 22 60 131 45
fax secretariat: +48 22 60 129 21

II. Inspector for data protection

ul. Puławska 148/150
02-624 Warsaw
phone + 48 22 60 127 34
fax +48 22 60 128 73

III. Purpose and legal basis for the processing of personal data in SIS and VIS

1) Schengen Information System

General objectives are defined:

  • Regulation (EC) No1987/2006 of the European Parliament and of the Council of 20 December 2006 on the establishment, operation and use of the second generation Schengen Information System (SIS II) (OJ L 381, 28.12.2006, p. 4–23, as amended) - Regulation SIS
  • Council Decision 2007/533/JHA on the establishment, operation and use of the second generation Schengen Information System (2018/C 226/01) (OJ C 226 , 28.6.2018) - Decision SIS
  • Act SIS and VIS

Generally, the purpose of SIS II is to ensure, using information provided through this system, a high level of security within the area of freedom, security and justice of the European Union, including maintenance of public security and public policy and the safeguarding of security in the territories of the Member States.

Personal data contained in SIS alerts may be processed for purposes other than those in which those entries were made if it is related to a specific case and justified by the need to prevent an immediate serious public order or public security threat or where it is justified by serious reasons of national security or the need to prevent serious crimes.

2) Visa Information System

General objectives are defined:

  • Regulation (EC) No 767/2008 of the European Parliament and of the Council of 9 July 2008 concerning the Visa Information System (VIS) and the exchange of data between Member States on short-stay visas (VIS Regulation) (OJ L 218, 28.12.2006, p. 4–23, as amended) - Regulation VIS
  • Council Decision 2008/633/JHA of 23 June 2008 concerning access for consultation of the Visa Information System (VIS) by designated authorities of Member States and by Europol for the purposes of the prevention, detection and investigation of terrorist offences and of other serious criminal offences (OJ L 218/129, 13.08.2008, , as amended) - Decision VIS
  • Act SIS and VIS.

The general objectives of the VIS are set out in art. 2 of the Regulation VIS, which includes improving the implementation of the common visa policy, consular cooperation and consultation between central visa authorities by facilitating the exchange of data between Member States on applications and on the decisions relating thereto, in order to:

  1. facilitate the visa application procedure;
  2. prevent the bypassing of criteria for the determination of the Member State responsible for examining the application;
  3. facilitate the fight against fraud;
  4. facilitate checks at external border crossing points and within the territory of the Member States.

IV. Profiling in the case of VIS data processing

Decisions taken by the competent authorities with a view to examining the application for a visa, checking any unauthorised visa or fulfilling the conditions for entry or stay into the territory of the Republic of Poland or a Member State may be based solely on automated processing of personal data (Article 11 paragraph 2 Act SIS and VIS).

V. Limitations on access to personal data processed in SIS and VIS

1. Art. 11 Act SIS and VIS

The data may be used without the knowledge and consent of the persons whom this data concerns and there is no obligation to disclose the goal for which the data is being collected.

2. Art. 26 of the Act of 14 December 2018 on the protection of personal data processed in connection with the prevention and combating of crime (Journal of Laws, item 125) - Act d.p.c.c.

The information referred to in the provisions of this Chapter shall not be communicated and personal data shall be made available where:

  1. disclosure of information obtained from operational and exploratory activities;
  2. obstructing or preventing the recognition, prevention, detection or suppression of criminal offences;
  3. impede the conduct of criminal, executive, fiscal or fiscal criminal proceedings;
  4. threats to life, human health or safety and public order;
  5. the threat to national security, including the defence or security, and the economic fundamentals of the State;
  6. a material breach of other persons’ personal rights.

The controller may communicate the information referred to in paragraph to the data subject where disclosure would be necessary for the protection of human life or health.

3. Art. 3 - 5 of the Act of 10 May 2018 on the Protection of Personal Data (Journal of Laws of 2018 item 1000 and 1669) - UODO in connection with art. 23 par. 1 lit. a, c, d and lit. and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 381, 28.12.2006, p. 4–23, as amended) - RODO and taking into account art. 11 Act SIS and VIS.

The above rights to request from the administrator access to their personal data, rectification, deletion, restricting their processing or objecting to their processing resulting from the RODO shall be subject to restrictions on access to the requested information and personal data and subject to limitations related to data processing personal data resulting from the above regulations.

 

VI. FORMAL CONDITIONS FOR PROPOSALS ON THE IMPLEMENTATION OF THE RIGHTS CONNECTED WITH THE PROCESSING OF PERSONAL DATA IN SIS AND VIS

THE RIGHT OF PEOPLE FOR INFORMATION – general information

  1. Every person has the right to:

 

a) access to own personal data;

b) demanding supplementing, updating or rectification of own data in case of incomplete, out-of-date or untrue;

c) deletion of personal data where these data have been collected or are processed in violation of the provisions;

d) file a complaint to the President of the Personal Data Protection Office.

 

  1. A person may be represented by a proxy, unless the nature of the act requires his/her personal action, in accordance with art. 32 of the Act of 14 June 1960, the Polish Administrative Code (Journal of Laws of 2018, item 2096, as amended).

 

  1.  Rules of giving legal proxy are set in art. 33 the Polish Administrative Code, i.e.:
  1. the proxy of a party can be natural person having legal capacity;
  2. the proxy should be submitted in writing;
  3. the proxy attaches to the file an original or officially certified copy of the proxy.

A lawyer or a legal advisor and patent agent can certify a copy of a proxy given to them.

SCHENGEN INFORMATION SYSTEM (SIS)

  1.  Access to your personal data      

                  

For this purpose, a written application should be submitted in Polish, which should obligatorily include:

  1. name(s) and surname of the applicant;
  2. citizenship;
  3. date and place of birth (city and country);
  4. address for return correspondence (country, city, postal code, poviat/area, voivodeship/district, street and house/apartment number) - in the case of an application sent by post;
  5. the subject of the application;
  6. handwritten signature of the person submitting the application.

Additionally, in order to unambiguously identify the data, the applicant may provide in the application:

  1. previous/family name;
  2. PESEL number (if the person has it);
  3. sex;
  4. place of residence (country, city, postal code, poviat/area, voivodeship/district, street and house/apartament numer);
  5. attach a photo copy of the page of the identity document containing personal data.

In case of doubts as to the identity of the person who submitted the application, the administrator may request additional information necessary to confirm the person's identity (Article 28 Actd.p.c.c. and Article 12 paragraph 6 RODO).

  1. Request for correction of data processed in SIS which are inaccurate and deletion of personal data processed in SIS

 

For this purpose, a written application should be submitted in Polish, which should obligatorily include:

  1. name and surname of the applicant;
  2. citizenship;
  3. date and place of birth (city and country);
  4. address for return correspondence (country, city, postal code, poviat/area, voivodeship/district, street and house/apartament number) - in the case of an application sent by post;
  5. the subject of the request with justification:
  • in the case of correction of data processed in SIS, inconsistent with the facts, please specify what data should be supplemented/corrected or which are untrue and provide correct data and provide justification confirming the legitimacy of the request;
  • in the case of deletion of personal data processed in SIS, please specify what data should be deleted and indicate the justification confirming the legitimacy of deletion of this data;
  1. handwritten signature of the person submitting the application.

Additionally, in order to unambiguously identify the data, the applicant may provide in the application:

  1. previous/family name;
  2. PESEL number (if the person has it);
  3. sex;
  4. place of residence (country, city, postal code, poviat/area, voivodeship/district, street and house/apartment number);
  5. attach a photocopy of the page of the identity document containing personal data.

In case of doubts as to the identity of the person who submitted the application, the administrator may request additional information necessary to confirm the person's identity (Article 28 Actd.p.c.c. and Article 12 paragraph 6 RODO).

  1. The application to CTA NITS can be directed to:
  1. By post:
    Centralny Organ Techniczny KSI
    Komenda Główna Policji
    ul. Puławska 148/150
    02-624 Warszawa
    Polska
  2. via an electronic inbox available on the website: http://bip.kgp.policja.gov.pl/kgp/elektroniczna-skrzynka/11424,Elektroniczna-skrzynka-podawcza.html

  1. Application template:

You can use the form below to submit an application.

REQUEST FORM FOR THE PROCESSING OF PERSONAL DATA IN SIS

VISA INFORMATION SYSTEM (VIS)

  1.  Access to your personal data

For this purpose, a written application should be submitted in Polish, which should obligatorily include:

  1. name(s) and surname of the applicant;
  2. citizenship;
  3. date and place of birth (city and country);
  4. address for return correspondence (country, city, postal code, poviat/area, voivodeship/district, street and house/apartament number) - in the case of an application sent by post;
  5. the subject of the application;
  6. handwritten signature of the person submitting the application.

Additionally, in order to unambiguously identify the data, the applicant may provide in the application:

  1. previous/family name;
  2. PESEL number (if the person has it);
  3. sex;
  4. attach a photocopy of the page of the identity document containing personal data.

In case of doubts as to the identity of the person who submitted the application, the administrator may request additional information necessary to confirm the person'sidentity (Article 28 Actd.p.c.c. and Article 12 paragraph 6 RODO).

  1. Request for correction of data processed in VIS which are inaccurate and deletion of personal data processed in VIS

For this purpose, a written application should be submitted in Polish, which should obligatorily include:

  1. name and surname of the applicant;
  2. citizenship;
  3. date and place of birth (city and country);
  4. address for return correspondence (country, city, postal code, poviat/area, voivodeship/district, street and house/apartment number) - in the case of an application sent by post;
  5. the subject of the request with justification:
  • in the case of correction of data processed in VIS, inconsistent with the facts, please specify what data should be supplemented/corrected or which are untrue and provide correct data and provide justification confirming the legitimacy of the request;
  • in the case of deletion of personal data processed in SIS, please specify what data should be deleted and indicate the justification confirming the legitimacy of deletion of this data;
  1. handwritten signature of the person submitting the application.

Additionally, in order to unambiguously identify the data, the applicant may provide in the application:

  1. previous/family name;
  2. PESEL number (if the person has it);
  3. sex;
  4. attach a photocopy of the page of the identity document containing personal data.

In case of doubts as to the identity of the person who submitted the application, the administrator may request additional information necessary to confirm the person'sidentity (Article 28 Actd.p.c.c. and Article 12 paragraph 6 RODO).

  1. The application to CTA NITS can be directed to:

 

  1. By post:
    Centralny Organ Techniczny KSI
    Komenda Główna Policji
    ul. Puławska 148/150
    02-624 Warszawa
    Polska
  2. via an electronic inbox available on the website: http://bip.kgp.policja.gov.pl/kgp/elektroniczna-skrzynka/11424,Elektroniczna-skrzynka-podawcza.html

  1. Application template:

You can use the form below to submit an application.

REQUEST FORM FOR THE PROCESSING OF PERSONAL DATA IN VIS

CONTACT

IN THE CASE OF ADDITIONAL QUESTIONS CONCERNING THE RULES FOR SUBMISSION OF APPLICATIONS

Tel.:

+ 48 47 72 153 11
+ 48 47 72 153 36
+ 48 47 72 137 67

+ 48 47 72 153 10

+ 48 47 72 138 04

RIGHT TO BRING A COMPLAINT

  1. Any person whose data is processed in SIS or VIS has the right to lodge a complaint to the President of the Personal Data Protection Office (PPDPO) in the event that the processing of personal data violates the provisions on the protection of personal data or when personal data is processed unlawful. Detailed information: www.uodod.gov.pl

 

  1. Complaint to PPDPO can be directed:

 

  1. by post:
    Prezes Urzędu Ochrony Danych Osobowych
    ul. Stawki 2
    00-193 Warszawa
    Polska

  1. via an electronic inbox available on the website: https://www.uodo.gov.pl/pl/p/kontakt

 

 

Legal basis:

REQUEST FORMS

REQUEST FORM FOR THE PROCESSING OF PERSONAL DATA IN SIS

REQUEST FORM FOR THE PROCESSING OF PERSONAL DATA IN VIS

 

Powrót na górę strony