Privacy protection policy
The Ministry of Foreign and European Affairs of the Slovak Republic (hereinafter referred to as the “Ministry”) is the central state administration authority in the field of foreign policy and relations with other countries and international organisations. It participates in creating a uniformed Slovak foreign policy and implements this policy in compliance with generally binding legal regulations (e.g., Act No. 575/2001 Coll. on the Organisation of the Government’s Operation and Organisation of Central State Administration as amended and Statute of the Ministry No. 4/1998).
The key objective of the Ministry in the area of personal data protection is to implement the provisions of Act No. 428/2002 Coll. on Protection of Personal Data as amended, related legal regulations, as well as international treaties binding for the Slovak Republic. These regulations, among other things, reflect the principles of the common policy of EU Member States – contracting parties to the Schengen Information System Convention – in the area of visa issuance.
In accordance with the personal data protection act, a “Security Plan” – a document of a strategic nature defining the basic security objectives and security policy in the field of personal data processing – was created at and approved by the Ministry.
Based on this document, the “Security Project for Personal Data Protection at the Ministry” was elaborated and “Guidelines No. 47/2005 concerning the protection of personal data at the Ministry” was issued. These documents emphasise the importance of assuring confidentiality, integrity, accuracy and up-to-date information of processed personal data, as well as the availability of these data for the set purpose of processing. The aim is to ensure that the scope of personal data being processed does not exceed the information necessary for achieving the set purpose. The controller destroys these data immediately after this purpose is served.
Individual units of the Ministry abroad (consular offices and general consulates) have elaborated Security Guidelines on the protection of personal data that are adapted to specific local conditions.
In addition to these basic security documents, the Ministry also applies other legal regulations and internal documents related to the protection of personal data.
In compliance with the personal data protection act, a person responsible for overseeing the protection of personal data has been appointed: data subjects can turn to this person in the exercise of their rights with respect to the controller.
The Ministry of Foreign and European Affairs of the Slovak Republic respects and applies all requirements related to fundamental rights of data subjects and specifically the right to privacy in the processing of personal data.
Protection of personal data
Terms related to the protection of personal data.
For better understanding of the text on the rights of data subjects with respect to the protection of personal data, we provide an explanation of the terms used, as defined by Act No. 428/2002 Coll. on the Protection of Personal Data as amended:
Data relating to an identified or identifiable natural person, while such person is one that can be identified, directly or indirectly, in particular by reference to one or more characteristics or factors specific to his physical, physiological, psychic, mental, economic, cultural or social identity.
Any structured file, system or database containing one or more personal data systematically processed for the needs of achieving a purpose according to specific criteria and conditions, while using automated, partially automated or other than automated means of processing (e.g. card index, list, register, files, records, documents, contracts, assessments, etc.)
Note: intentionally abbreviated
Any natural person who comes into contact with personal data in the context of their employment, civil service, service relationship or membership, based on authorisation, election or appointment or in the context of the performance of a public office, who may process personal data only upon instruction of the controller, controller’s representative or processor. Every such person is instructed about the principles of processing personal data in accordance with the personal data protection act.
Any natural person whose personal data are being processed.
A person appointed by the controller to oversee adherence to legal regulations in the processing of personal data.
A state administration authority, territorial self-government authority, other public authority body or a legal or natural person that alone or jointly with others determines the purposes and means of the processing of personal data.
The rights of data subjects
Legislative framework of the protection of personal data:
The protection of personal data in the Slovak Republic is governed by Act No. 428/2002 Coll. on the Protection of Personal Data as amended (hereinafter referred to as the “personal data protection act”). The oversight of the protection of personal data is carried out by the Personal Data Protection Office (hereinafter referred to as the “Office”), which is a state administration authority with national competence.
The position of the Ministry of Foreign and European Affairs of the Slovak Republic with respect to the processing of personal data.
Being a central state administration authority for the area of foreign policy, the Ministry of Foreign and European Affairs of the Slovak Republic (hereinafter referred to as the “MFA SR”) is a controller of information systems processing personal data of nationals of the Slovak Republic, as well as nationals of other states, who have for any reason entered into contact with the Ministry of Foreign and European Affairs or its offices abroad (diplomatic missions and their consular departments, General Consulates) and provided their personal data for purposes defined by law.
Consular offices at individual Slovak diplomatic missions and General Consulates abroad process personal data of data subjects in the context of their administrative activities and the data are processed by instructed personnel authorised to process these data. Documents containing personal data of data subjects are delivered, using a standard procedure, to the relevant public administration authorities for further processing according to the individual types of administrative activities (e.g. – register offices - Act No. 154/1994 Coll. on Registry offices; passports – Act No. 381/1997 Coll. on Passports; residence of foreigners in Slovakia – Act No. 404/2011 Coll. on the Residence of Foreigners and on Amendment and Supplementation of Certain Laws, etc.).
The principle of legality is applied in the processing of personal data at the MFA SR and its offices. MFA SR guarantees a fair and legal processing of personal data of each data subject and these data are acquired only to an extent and for a purpose explicitly defined by law. Personal data acquired are processed in compliance with the principles of ethical conduct and the MFA SR will refrain from acting in a way that would be at variance with or evade this act or any other generally binding legal regulations.
The rights of a data subject
Under § 20 of the personal data protection act, every data subject is entitled to request in writing from a controller of information systems (including the MFA SR):
a) information about the state of processing of his/her personal data in the information system in a generally intelligible form and to the extent specified under § 26 (3) of the personal data protection act,
b) exact information, in a generally intelligible form, about the source from which it obtained his personal data for processing,
c) a copy of his personal data, in a generally intelligible form, which constitutes the subject of processing,
d) correction of inaccurate, incomplete or outdated information, which constitutes the subject of processing,
e) destruction of his personal data, provided that the purpose of processing these data under § 13 (1) has been served. If the subject of the processing of data is an official document containing personal data, he may request that it be returned,
f) destruction of his personal data, which constitute the subject of processing, provided that the personal data protection act has been breached.
The rights of a data subject under § 20 (1) d) and e) of the personal data protection act can be restricted only if such a restriction is stipulated by a special act or if application of the right would breach the protection of a data subject or breach the rights and freedoms of other persons.
Restriction of the rights of data subjects under § 20 (1) d) and e) of the personal data protection act will be immediately reported by the controller in writing to the data subject and to the Office.
The responsible person and his obligations with respect to the application of the rights of data subjects
Under § 19 of the personal data protection act, a person responsible for overseeing the protection of personal data, has been appointed. In addition to other tasks, this person also ensures the processing of requests of data subjects related to the application of their rights under § 20 to §22 of the personal data protection act. The controller is obliged to meet the requests of data subjects under § 20 of the personal data protection act and inform the data subject in writing within 30 days upon receipt of the request.
You can send your requests related to the application of your rights in writing or electronically to:
Ministerstvo zahraničných vecí a európskych záležitostí
Hlboká cesta 2
833 36 Bratislava
Tel.: + 421 2 5978 1111
If the data subject is unsatisfied with the course and method of processing his request related to the exercise of his rights under § 20 of the personal data protection act, he is entitled to turn to the Office: www.dataprotection.gov.sk
Information on the rights related to the protection of personal data
When submitting an application for Slovak visa, the data subject gives his consent to the processing of his personal data by signing the visa application. The wording of the consent in the visa questionnaire reads as follows:
“I am aware of and consent to the following: the collection of the data required by this application form and the taking of my photograph and, if applicable, the taking of fingerprints, are mandatory for the examination of the visa application; and any personal data concerning me which appear on the visa application form, as well as my fingerprints and my photograph will be supplied to the relevant authorities of the Member States and processed by those authorities, for the purposes of a decision on my visa application.
Such data as well as data concerning the decision taken on my application or a decision whether to annul, revoke or extend a visa issued will be entered into, and stored in the Visa Information System (VIS)** for a maximum period of five years, during which it will be accessible to the visa authorities and the authorities competent for carrying out checks on visas at external borders and within the Member States, immigration and asylum authorities in the Member States for the purposes of verifying whether the conditions for the legal entry into, stay and residence on the territory of the Member States are fulfilled, of identifying persons who do not or who no longer fulfil these conditions, of examining an asylum application and of determining responsibility for such examination. Under certain conditions the data will be also available to designated authorities of the Member States and to Europol for the purpose of the prevention, detection and investigation of terrorist offences and of other serious criminal offences. The authorities of the Member State responsible for processing the data are: Ministry of Foreign and European Affairs of the Slovak Republic, Hlboká cesta 2, 833 36 Bratislava and Ministry of Interior of the Slovak Republic, Border and Alien Police Bureau, Vajnorská 25, 812 72 Bratislava.
I am aware that I have the right to obtain in any of the Member States notification of the data relating to me recorded in the VIS and of the Member State which transmitted the data, and to request that data relating to me which are inaccurate be corrected and that data relating to me processed unlawfully be deleted. At my express request, the authority examining my application will inform me of the manner in which I may exercise my right to check the personal data concerning me and have them corrected or deleted, including the related remedies according to the national law of the State concerned. The national supervisory authority of that Member State that will hear claims concerning the protection of personal data is: The Office for Personal Data Protection of the Slovak Republic, Odborárske námestie 3, 817 60 Bratislava.
I declare that to the best of my knowledge all particulars supplied by me are correct and complete. I am aware that any false statements will lead to my application being rejected or to the annulment of a visa already granted and may also render me liable to prosecution under the law of the Member State which deals with the application.
I undertake to leave the territory of the Member States before the expiry of the visa, if granted. I have been informed that possession of a visa is only one of the prerequisites for entry into the European territory of the Member States. The mere fact that a visa has been granted to me does not mean that I will be entitled to compensation if I fail to comply with the relevant provisions of Article 5(1) of Regulation (EC) No 562/2006 (Schengen Borders Code) and I am therefore refused entry. The prerequisites for entry will be checked again on entry into the European territory of the Member States.”
Further information with regard to the protection of personal data.
More detailed information with regard to the protection of personal data, including the personal data protection act and European regulations, as well as answers to frequently asked questions, can be found on the Office’s website at www.dataprotection.gov.sk, or you can contact the Office at:
Úrad na ochranu osobných údajov
Odborárske námestie 3
817 60 Bratislava
Tel.: + 421 2 502 39 418
Other issues associated with the residence of foreigners in Slovakia in relation to the processing of personal data after the submission of a visa application are regulated by Act No. 404/2011 Coll. on the Residence of Foreigners and on Amendment and Supplementation of Certain Laws.
Request (letter of application) for providing information (rtf; 37,39 kB)
Letter of application (request) for liquidation/correction of personal data (rtf; 37,05 kB)