Strengthening Schengen security and preventing irregular migration
From 12 October 2025 (Sunday) the Entry/Exit System (EES) - a large-scale information system established to prevent irregular migration and enhance security in the Schengen area - will enter into force. This system will record the data of third-country nationals travelling with a short-stay visa or exempt from the visa requirement.
How will the Entry/Exit System work?
The Entry/Exit System will replace the existing stamping of passports at the external borders of the Schengen area. By recording traveller data on entry and exit, the system will allow for more efficient border management and faster checks.
The implementation of the system will be gradual. Schengen States will be able to start registering traveller data at 10% of border crossing points. The registration system should be fully implemented by all Schengen countries within six months of its entry into operation.
What data will be processed?
The system will record personal data from travel documents, including:
- name, date and place of birth,
- the dates of entry and exit,
- biometric data – facial image and fingerprints.
Given the particularly sensitive nature of these data, it is of utmost importance to ensure that individuals can effectively exercise their rights, as well as to continuously supervise the processing of personal data.
Protection of personal data and rights of data subjects
The processing of data in the Entry/Exit system takes place under two personal data protection regimes:
1. GDPR (Regulation 2016/679)– applicable to data processing by border and migration authorities.
2. DODO (Directive 2016/680) – applicable to the processing of data by Member States’ designated authorities for the purposes of preventing or combating crime, including terrorism. In Poland, this directive has been implemented by the Act on the protection of personal data processed in connection with preventing and combating crime. Persons whose data are processed in the EES have the right to:
- access to their data,
- rectification, completion or deletion of data,
- restriction of their processing.
The authorities processing the data – including border guards, migration services and, in certain cases, law enforcement authorities – are obliged to enable data subjects to exercise these rights.
The protection of personal data is a fundamental right which also applies to the processing of data in the Entry/Exit System.
Supervision of data processing
In Poland, the President of the Personal Data Protection Office supervises the processing of personal data in the Entry/Exit System.
The EES is also subject to a coordinated supervision mechanism that enables cooperation between national data protection authorities and the European Data Protection Supervisor (EDPS). This shall take place within the framework of the Coordinated Supervision Committee.
Under this mechanism, supervisory authorities shall:
- exchange information and assist each other in inspections,
- analyse common interpretative and practical problems,
- develop joint proposals for solutions,
- support awareness-raising activities on the rights of data subjects whose data are processed in the EES.
Legislation
Act on the Participation of the Republic of Poland in the Entry/Exit System
More information
More information on the functioning of the Entry/Exit System can be found at:
- UODO (Schengen Bookmark)
- the National Anti-Fraud Unit EES - Commander-in-Chief of the Border Guard
- the European Commission.
