News Foreign policy Ministry Travel to Poland
PERSONAL DATA PROTECTION (SIS)
Requesting access to personal data stored in the Schengen Information System
Everyone has the right to obtain comprehensive information regarding personal data processed in data filing systems.
In accordance with Article 32 (5) of the Act of 29 August 1997 on the Protection of Personal Data (Journal of Laws of 2002, No. 101, item 926, with subsequent amendments), the person concerned may exercise his/her right to obtain information once every six months.
An application for access is free of charge.
According to the Act of 24 August 2007 on the participation of the Republic of Poland in the
Schengen Information System and the Visa Information System, Poland’s controller of data processed within the Schengen Information System is the Commander-in-Chief of the Police.
Requests for access or modification of data should be sent to him.
Address for correspondence:
General Headquarters of the Polish Police (KGP)
Central Technical Authority KSI
If there is a need for consultation regarding the contents of a request for access to personal data,
you can contact us by phone or via e-mail:
Tel.: +48 (22) 601-53-29 , +48 (22) 601-53-15, e-mail: cot.admin.ksi[at]policja.gov.pl
Pursuant to Article 32 (1-5a) of the Act on the Protection of Personal Data, the data subject may request the following information regarding the processing of his/her personal data:
- whether the data exists in the system,
- how long the data have been processed for,
- the source of data acquisition,
- how data is made available,
- the purpose and scope of data processing,
- to what extent and to whom the data were made available.
The controller will provide the information requested within 30 days. In order to obtain such information, a written request must be submitted in Polish or English.
The request for information should include:
1. name and surname of the applicant,
2. Polish national identification number - PESEL (where applicable),
4. date and place of birth,
5. a photocopy of an identity document containing a clear image,
6. place of residence (country, city, street and house number/apartment),
7. subject matter of the request,
8. signature of person making the request.
In accordance with Article 32 of the Act of 14 June 1960 on the Code of Administrative Procedure
(Journal of Laws of 2000, No. 98, Item 1071, with subsequent amendments), a party may be represented in administrative proceedings by a plenipotentiary unless the nature of the activities requires action in person. Article 33 of the Code establishes the procedural rules for the power of attorney, i.e.:
- the plenipotentiary may be a natural person with legal capacity;
- the power of attorney should be notified in writing;
- the plenipotentiary files an original or an officially certified copy of the power of attorney.
A lawyer, legal counsel or patent agent may themselves authenticate a copy of the power of attorney granted to him/her.
Refusal to provide information on processed personal data
According to Article 30 of the Act on the Protection of Personal Data, the controller may refuse to provide access where this would:
1. result in the disclosure of information constituting a state secret,
2. pose a threat to state security or defence, life and human health or safety and public order,
3. pose a threat to the basic economic or financial interests of the State,
4. result in a substantial breach of the personal interests of data subjects or third persons.
The right to correct the data and request the suspension of their processing or removal
The data subject may ask the controller to supplement, update, correct, remove and temporarily or permanently suspend processing of his/her data. However, the data subject must demonstrate that the data are incomplete, outdated, inaccurate or have been collected in violation of the law or that their processing is no longer necessary to achieve the purpose for which they were collected.
Application proceedings are conducted in accordance with the provisions of the Code of Administrative Procedure.
Contact details of the national data protection authority
In order to provide an adequate level of legal protection for persons whose data are stored in the Schengen Information System, the General Inspector for Personal Data Protection supervises whether the use of data violates the rights of data subjects. This supervision is exercised in accordance with the laws on personal data protection.
Address for correspondence:
Bureau of the Inspector General for Personal Data Protection (GIODO)
Tel. +48 (22) 860-73-93
Fax: +48 (22) 860-70-86
Any person whose data are processed in the Schengen Information System is entitled to submit a complaint to the Inspector General for Personal Data Protection with regard to the implementation of the provisions on the protection of personal data.See more