The Office for Personal Data Protection



Important links


Path: Home Page > Main menu > Schengen


Schengen Information System (SIS)


What is Schengen information system (SIS)?

The Schengen Information System is key compensatory measure for the abolition of internal border checks. The SIS II therefore continues to play crucial role in facilitating the free movement of people within the Schengen area. SIS is a large database shared between member states to maintain public security, support police and judicial co-operation and manage external border control. SIS contains extensive information on persons and objects, including personal data.

SIS allows competent national authorities to issue and consult alerts on persons who may have been involved in a serious crime or may not have the right to enter or stay in the EU. It also contains alerts on missing persons, in particular children, as well as information on certain property, such as banknotes, cars, vans, firearms and identity documents, that may have been stolen, misappropriated or lost.

In order to make Schengen area even more secure and provide an effective tool for cooperation between all member states including new ones it was necessary to adjust the former SIS. On the day of 9th April 2013 the new SIS of the second generation (SIS II) with enhanced facilities started operating. Being a state-of-the-art IT system and one of the largest of its kind worldwide, it ensures strong data protection.

A new version of the Schengen Information System is expected to be launched untill the end of 2023.

Legal Framework

The technical aspects and the operation of the SIS II, the conditions for issuing alerts on refusal of entry or stay for non-EU nationals, the processing of data relating to alerts and conditions of data access and protection are laid down in the:¨

  •  Regulation (EC) No 1987/2006 of the European Parliament and of the Council of 20 December 2006 on the establishment, operation, and use of the second-generation Schengen Information System (SIS II).

The necessary legislative basis for governing SIS II for matters regarding alerts on persons and objects entered in SIS II for facilitating police and judicial cooperation in criminal matters is laid down in the:

  •  Council Decision 2007/533/JHA of 12 June 2007 on the establishment, operation and use of the second generation Schengen Information System (SIS II)

What are the possible reasons for issuing an alert in the SIS?

In essence, the relevant national authority in one country may issue an alert which describes the person or object being sought. Reasons for issuing an alert are:
  •  to refuse entry to persons who do not have the right to enter or stay in Schengen territory,
  •  to find and detain a person for whom a European Arrest Warrant has been issued,
  •  to assist in locating individuals or objects as requested by judicial or law enforcement authorities,
  •  to find and protect a missing person,
  •  to find stolen or lost property.

What are the rights of data subject?

From the viewpoint of personal data protection, it is important to guarantee certain rights of individuals who can exercise these rights in order to actively participate in protection of their rights and, thus, also their privacy. The SIS II legal framework places great emphasis on securing these rights in relation to processing of personal data in the Schengen Information System. Every person has the right to know what information about them has been entered in the SIS II and also has the right to demand correction or deletion of data if they are incorrect or unlawfully stored in the system. These rights are exercised always in compliance with the national legislation of the country in which they are claimed, the relevant procedures in individual Member States may therefore differ.


  • Right to access the data

Everyone has the right to ask for the information on whether and what personal data concerning them were entered into the SIS II, for what reason, and by which authority of which specific member state they were entered.

  • Right to correction or deletion

Everyone has the right to have factually inaccurate data (i.e. inaccurately entered) processed in the SIS concerning them corrected and any unlawfully stored data deleted from the SIS.

How to proceed when exercising these rights in the Czech Republic?

The data subject has a right of direct access to the data. The data subject should primarily exercise their rights in respect of the SIS II vis-a-vis the data controller, i.e., the Police of the Czech Republic.

Contact details:

Police Presidium of the Czech Republic
P. O. Box 62/K-SOU
Strojnická 27
170 89 Praha 7
Czech Republic

ID DS: gs9ai55

Any data subject is entitled to send a written request to the Police of the Czech Republic asserting their right to information, deletion or correction of their data processed in the SIS. Information about the processing of personal data in the SIS is to be revealed only to the data subject concerned (or their representative). The request must contain identification of the applicant – all first name/s, surname, date and place of birth and address. The data subject shall attach a copy of valid identity document and in the case of representation of the applicant a copy of the legal authorization. The Police is obliged to answer within 60 days. Exercise of the right of access is free of charge.

More information on the website of the Police of the Czech Republic.

Due to the fact that execution of the rights may differ from state to state the Guide providing complete information is available here.

It is recommended to use the contact forms:

Request for providing information regarding personal data processed in the Schengen Information System (SIS)
Request for correction/deletion of personal data processed in the Schengen Information System (SIS)

!! The Office for Personal Data Protection brings to attention that applicants should always clearly state the correct and up-to-date return address. The Police of the Czech Republic, as the data controller, sends written replies by registered post. If you provide an incorrect or outdated address, the reply to your request will fail to be delivered. !!


Any person may bring an action before the court or the authority competent under the law of any member state to access, correct, delete, or obtain information or to obtain compensation in connection with an alert relating to him.

When to contact the Office for Personal Data Protection?

In some member states (e.g., the Czech Republic) when the data subject must first contact the data controller (competent law enforcement authority) and in the case when the answer provided is not, it is possible to contact national data protection authority with applying the right on verification of processing of personal data in the SIS.

The Office for Personal Data Protection is competent to review personal data processing within the national part of the SIS at the request of data subjects in cases where there is a suspicion of an unlawful procedure or where the controller (the Police of the Czech Republic) has not provided a satisfactory response. That is why we recommend contacting the Office for Personal Data Protection after the Police have already been asked for the information. If the data subject contacts the Office for Personal Data Protection first, the request will be forwarded to the controller (Police of the Czech Republic) which may lead to delays in processing their request.

It is recommended to use the contact form:

Complaint concerning the processing of personal data in the Schengen Information System (SIS)



Placing: Document folders > Site map > Main menu > Schengen > Schengen Information System (SIS)

Display up to date documents | document archive | documents including archive


Mode No graphics is currently switched on. Therefore you see the web page with no decorative graphics as well as any advanced formatting. If your browser supports CSS2, you can switch a graphic mode on.

Copyright © 2013 The Office for Personal Data Protection. All rights reserved.
web & design , editorial system