Schengen Information System (SIS)

There are no internal borders between Schengen countries. Therefore, there is an information system that takes the place of border checks. This is the Schengen Information System (SIS). With this system, border, immigration, police, customs and judicial authorities in the European Union (EU) and Schengen associated countries can cooperate and exchange information.

On this page

Content of the SIS

Competent national authorities, such as police and border guards, may enter and consult alerts on persons and objects in a single common database. These persons and objects can be found anywhere in the EU and the Schengen area during border checks, police checks or checks by investigative services.

Is someone going on a trip, for example by plane? Then they may have to deal with passport control by the border control authority. In the Netherlands it is the Royal Marechaussee. Is this person registered in the SIS? Then the border control authority will receive a signal. This may mean, for example, that they are not allowed to leave or enter the Schengen area.

Users of the SIS

These organisations use the SIS:

  • The National Police;
  • The Public Prosecutor’s Office;
  • Border surveillance organisations (in the Netherlands: the Royal Marechaussee, Seaport Police and Customs)
  • Immigration authorities, such as in the Netherlands the Immigration and Naturalisation Service (IND).

Versions of the SIS

The SIS has been in place since 1995. The second generation of SIS (SIS II) was introduced in 2013. The SIS II has additional functionalities, such as the possibility to add fingerprints and photographs to alerts. On 7 March 2023, the new SIS entered into operation and is expanded with new alerts, improved data and wider functionalities.

Data in SIS

SIS contains alerts on persons or objects. Such as:

  • persons prohibited from entering the Schengen area;
  • persons to be arrested or extradited;
  • missing persons;
  • persons wanted to cooperate in criminal proceedings, such as witnesses;
  • objects sought to be seized and used as evidence in criminal proceedings.

As of 7 March 2023, SIS also includes alerts on:

  • alerts on persons from third countries against whom return decisions have been issued by the Schengen countries.
  • alerts to protect vulnerable persons (adults or children) against illegal transfer abroad or to prevent them from travelling without the necessary consent.
  • alerts containing only finger and palm traces of a perpetrator of a criminal offence found at the scene of a terrorist offence or other serious criminal offence under investigation. These alerts are issued to identify the offender in accordance with national law.

Personal data in SIS

SIS includes these personal data:

  • General identification data, such as a person's name and date of birth.
  • Fingerprints and photographs.
  • Since 7 March 2023: palm prints, fingerprints and palm traces. This data can be used for biometric examinations and to confirm a person's identity.
  • Since 7 March 2023: DNA profiles of persons reported missing or of their parents, grandparents or siblings. This data can be used to confirm a person's identity.

For more information, see: Alerts and data in SIS on the European Commission website.

Supervision of SIS

With the arrival of the new SIS, monitoring will take place via a coordinated monitoring platform. This is the Coordinated Supervision Committee (CSC). The CSC is part of the European Data Protection Board (EDPB) and meets several times a year in Brussels.

The CSC consists of:

  • the national data protection authorities;
  • the European Data Protection Supervisor (EDPS).

The Dutch Data Protection Authority (Dutch DPA) participates in the CSC on behalf of the Netherlands.

The Dutch DPA is responsible for monitoring the processing of personal data in the national part of the SIS (N.SIS). This section consists of national data systems that are connected to Central SIS. Each Member State transmits alerts via its (own) N.SIS.

The oversight of the Dutch DPA includes:

  • Inspections of organisations processing data in N.SIS;
  • Periodic audits;
  • Handling complaints or requests for mediation.

Your rights if you are in SIS

Are you (possibly) registered in SIS? In principle, you have the right to access your data. This means that you can ask if you are registered in the SIS. And if so, which personal data of you are included in the SIS and for what purpose.

Does the information about you in the SIS turn out to be incorrect? Or is your data incorrectly listed in SIS? Then you have the right to ask for your data to be corrected or deleted.

You can request access in any Schengen country. You should address your request to the national authority responsible for data processing in the SIS. In the Netherlands, this is the National Police.

You can make your request to the National Police in 2 ways: digitally or by post.

Digital request SIS

If you want to submit your request digitally, you can do so via Request to access or modify an alert in the Schengen Information System (SIS) on the National Police website. There you can read what you need to include. You can choose to make your passport photo and your citizen service number (BSN) or personal identification number invisible.

Request by post SIS

Do you prefer to make your request by post? Then you can use the example letter inspection SIS (in Dutch) or the sample letter correction or deletion SIS (in Dutch).

Send your request to:

National Police
National Unit National Police
Staff privacy desk
PO Box 100
3970 AC Driebergen

Please note if you make your request by post:

  • You must send a copy of your ID. You can choose to make your passport photo and your citizen service number (BSN) or personal identification number invisible.
  • You must sign the letter.
  • Does a legal representative submit the request for you? You must also send a written authorisation.

Response to request

You will receive a response to your request for inspection within 6 weeks. The National Police may extend this period by 4 weeks, if necessary. You will be notified in writing.

Your request for access to your data may only be refused if this is necessary, for example, to perform the police task properly, to protect the rights and freedoms of others or because of state security.

Do you then make a request for correction or deletion of your data? Then the National Police will let you know how your request will be dealt with.

If you do not agree with the decision to your request

Have you requested access to, or correction or deletion of your personal data in the SIS? But are you not satisfied with the decision (answer) to your request? Or have you not received a response? Then you can go to court in any Schengen country.

You can request access, correction or deletion of your data from the court. You can also claim compensation for the (unjustified) alert of your data in the SIS.

The time limit within which you can go to court depends on the rules of the country in which you do so. In the Netherlands, you must do this within 6 weeks after the decision has been sent to you. You can seek advice on this procedure with a lawyer or, in The Netherlands, the Legal Help Desk (het Juridisch Loket).

Mediation by the Dutch DPA

In the Netherlands, you can also choose to ask the Dutch DPA to mediate before you go to court. To do this, please send a letter to the Dutch DPA within 6 weeks after the decision has been sent to you. Or if the time limit within which you should have received a response has expired. You can use our example SIS mediation letter for this purpose.

In addition, you have the right to lodge a complaint with the Dutch DPA, if you believe that the processing of your personal data in SIS is unlawful.

More information
You can find more information on exercising your privacy rights in relation to SIS in The Schengen Information System - a guide for exercising data subjects' rights: the right of access, rectification and erasure

Question about SIS?

Do you have an individual question about SIS? For example, do you know that someone with the same name as you is registered in SIS and are you wondering what the consequences are? Please contact the authority responsible for SIS at national level as soon as possible. In the Netherlands you can contact:

National Police
National Unit National Police
Staff privacy desk
PO Box 100
3970 AC Driebergen

E-mail: jz.le@politie.nl

Current