The Visa information system (VIS) is a system that includes information, including biometric data, on third-country nationals who need a visa to enter the Schengen area for visa applications.

The VIS was established in June 2004 by Council Decision 2004/512/EC.

The administrator of the Latvian national component of the VIS in accordance with Cabinet of Ministers 57 of Cabinet Regulation No. 676 of 30 August 2011 is the Office of Citizenship and Migration Affairs (https://www.pmlp.gov.lv/).

The operational objectives of the VIS:

  • Facilitation of checks before issuing visas: The Visa Information System (VIS) enables border guards to verify the authenticity of the visa holder. It assists in identifying individuals within the Schengen area who lack proper documentation or possess fraudulent documents. The utilization of biometric data for verifying the visa holder's identity allows for quicker, more precise, and safer inspections. Additionally, the VIS streamlines the visa application process, particularly benefiting frequent travelers.
  • Combatting abuse. While the majority of visa holders adhere to the regulations, violations can occur. For instance, the VIS aids in the fight against fraudulent activities like "visa shopping" (i.e., submitting additional visa applications in other EU countries after a rejection).
  • Protecting travelers. Biometric technology enables the recognition of travelers using someone else's travel documents, thereby safeguarding individuals from identity theft.
  • Assisting in processing asylum applications. The VIS simplifies the process of determining which EU country is responsible for examining an asylum application and assists in the examination of such applications.
  • Enhancing security. The VIS helps in the prevention, detection, and investigation of terrorist threats and other serious criminal offenses. 

How the VIS works:

In the Visa Information System (VIS), 10 fingerprints and a digital photograph are collected from visa applicants. These biometric data, along with the information provided in the visa application form, are securely stored in a central database.

Children under 12 and individuals physically unable to provide fingerprint scans are exempt from the requirement of submitting 10-digit fingerprints. Frequent travelers to the Schengen area do not need to undergo repeated fingerprint scans with each new visa application. Once stored in the VIS, fingerprint data can be reused for future visa applications within the next 5 years.

The fingerprints of the visa holder can be compared with those in the database when crossing the external borders of the Schengen area. Non-compliance with the provided fingerprints does not automatically result in entry refusal; instead, it triggers a thorough verification of the traveler's identity.

How personal data are protected in the VIS:

Access to VIS data by authorized personnel must be restricted to the performance of their tasks. They are responsible for ensuring that VIS data is utilized to the extent necessary, appropriate, and proportionate for the execution of their duties.

Data within the VIS is retained for a limited period of five years, commencing from the visa's expiry date, the date of a negative decision, or the date of a decision to modify the issued receipt. Any individual has the right to be informed about their data in the VIS. Anyone can request the correction of inaccurate data and the deletion of unlawfully recorded information concerning themselves.

Each EU country should mandate its national supervisory authority (in Latvia, this authority is the Data State Inspectorate) to oversee the lawful processing of personal data within that country. The European Data Protection Supervisor is responsible for monitoring activities at the European level.

For more detailed information on VIS, refer to the Visa Information System booklet and visit the European Commission website at https://ec.europa.eu/home-affairs/what-we-do/policies/borders-and-visas/visa-information-system_en.

If your request, as a data subject, has not been addressed within one month or has been rejected, you have the option to file a complaint with the Data State Inspectorate to safeguard your rights.