National Visa Information System (N-VIS)
Technology can play a key role in improving and reinforcing external borders. Over the past years, Cyprus has been operating a large-scale IT system (N.VIS) for collecting and processing visa applications.
What is VIS?
The National Visa Information System (N.VIS) allows the Ministry of Foreign Affairs. to processes data and make decisions relating to applications for short-stay visas to visit, or to transit through, the Republic of Cyprus. For this purpose, the N.VIS is connected to the stop-list of the police. At this stage 38 Embassies and Consulates use the N.VIS.
What is the purpose of VIS?
(a) The N.VIS enables the Ministry of Foreign Affairs to check if a visa applicant is filed as a forbidden immigrant in the national stop-list.
(b) It enables border guards to verify that a person presenting a visa is its rightful holder.
(c) It assists in preventing, detecting and investigating terrorist offences and other serious criminal offences.
How does it work in practice?
Visa applications are submitted in paper form. In some countries, visa applications are submitted to External Service Providers (ESPs) who then forward them to the contracted local Cypriot Embassy/ Consulate. In the Russian Federation the applications can be submitted only through the Consular authorities (Consulate in Moscow, General Consulate in St. Petersburg, General Consulate in Ekaterinenburg, Genaral Consulate in Krasnodar). Once the applicant’s details are entered in the N.VIS, a number of checks are run including for determining if the applicant is filed in the national stop-list as an illegal immigrant. Clear of all checks, the visa is issued to the applicant.
Who can access VIS?
Access to VIS data has only authorized personnel of the Ministry of Foreign Affairs for the purpose of visa application management. Competent visa authorities (the Police) may use the VIS for the purpose of examining applications at the points of entry and/ or for Visa extension at District Police Immigration Offices.
The authorities responsible for carrying out checks at external borders and within the national territories have access to query the VIS for the purpose of verifying the authenticity of the visa.
The main acts constituting the N.VIS legal framework are:
· Regulation (EC) No 767/2008 of the European Parliament and of the Council of 9 July 2008 concerning the VIS and the exchange of data between Member States on short-stay visas (VIS Regulation), OJUE L 218, 13.8.2008, p. 60.
· Council Decision 2008/633/JHA of 23 June 2008 concerning access for consultation of the VIS by designated authorities of Member States and by Europol for the purposes of the prevention, detection and investigation of terrorist offences and of other serious criminal offence, OJUE L 218, 13.8.2008, p. 129.
How is my data in VIS protected?
All personal data processed in relation to visa application management are protected by the European Union data protection legislation (The General Data Protection Regulation – GDPR) and the implementing national data protection legislation. Access to N.VIS data is limited to authorized staff in the performance of their tasks. They must ensure that the use of N.VIS data is limited to that which is strictly necessary, appropriate and proportionate for carrying out their tasks.
Although VIS is not accessible from the internet, any person has the right to be informed about his/her data in the VIS. Any person may request that inaccurate data about him/her is corrected and unlawfully recorded data is deleted.
The lawfulness of processing N.VIS personal data is supervised by the Commissioner for Personal Data Protection who is the National Supervisory Authority.
What are my rights?
Each individual has the following rights regarding the processing of their personal data in the N.VIS:
· the right to ask about the data relating to them in the VIS,
Whom can I contact for more information?
· the right to request that inaccurate data relating to them in the VIS be corrected,
· The right to submit a complaint to the Commissioner for Personal Data Protection.
The Ministry of Foreign Affairs has appointed a Data Protection Officer (DPO) who can advise data subjects in relation to the exercise of their rights. The DPO can be contacted at firstname.lastname@example.org.