XVII. Personal data processing in the field of…

Information on Personal Data Protection

Pursuant to provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data, and repealing Directive 95/46 / EC The General Data Protection Regulation (RGPD), Law no. 506 / 2004 regarding the processing of personal data and the protection of privacy in the electronic communications sector and Law no. 271 / 2010 regarding the establishment, organization and functioning of the National Visa Information System and Romania's participation in the Visa Information System, in its capacity of personal data controller, the Ministry of Foreign Affairs, with headquarters at Aleea Alexandru 31, Sector 1, Bucharest, Romania, has the obligation to administer safely and solely for the specified purpose, well-defined by the special normative framework, the personal data you provide to us, pursuant to legal provisions, about you, a member of your family, or another person. Within the Ministry of Foreign Affairs, operated a person responsible for Personal Data Protection - dpo@mae.ro.

This information relates to the purpose of collecting data for processing and examination of applications for Romanian entry visas and the issuance of the required visas. Data subjects for the above mentioned purpose, who choose to apply online for a Romanian entry visa via the national electronic portal for visa facilitation, eViza - www.eviza.mae.ro, have the obligation to provide the data required by the visa application forms*, the refusal to provide the requested data resulting in inadmissibility of the visa application that shall not be taken over at the diplomatic missions / consular offices of Romania. Requesting a visa via the eViza portal can only be completed by the person concerned only after the terms and conditions for the processing of personal data have been agreed. The data of persons who do not finish to fill in the online visa application is automatically deleted, 30 days after the date of the last intervention on the application file of the person. The registered information is intended for use by the processor and communicated by the data subjects, for its taking over from the eViza external electronic portal, only to the diplomatic missions and consular offices of Romania. The information is taken from the eViza portal for further processing in the National Visa Information System (NVIS).

According to GDPR, the data subject is entitled to be informed of the right of access to data, rectification of data, deletion of data, restriction of processing and the right not to be subject to automated processing. At the same time, the data subject has the right to oppose the processing of personal data that concern him/ her and to request the deletion thereof **. For the exercise of these rights, you may address a written, dated and signed application to the person responsible with Personal Data Protection within the Ministry of Foreign Affairs - dpo@mae.ro***. You also have the right to address a complaint to A.N.S.P.D.C.P. (http://www.dataprotection.ro), as well as the right to appeal to the court of law.

Your data, communicated via the eVIZA electronic portal and processed in NVIS ​​by authorized users, shall not be transferred abroad. Should any of your data be incorrect, please inform us as soon as possible.

________________________________________

* Upon signing the visa application forms, which shall be consulted and signed upon personal presentation to competent MFA personnel, you shall be able to provide express consent to the processing of your data and you shall be able to consult, in detail, the terms and conditions regarding data processing. The fields in the visa application forms, marked with an asterisk (*), must not be filled in by third-country nationals, family members of EU citizens, of the European Economic Area and the Swiss Confederation (husband, wife, child or dependent ascendant).

** Should you not agree with the processing of personal data concerning yourself, it shall be taken into account that the visa/ LBTP application becomes inadmissible. At the same time, if you want to delete your personal data but you have a valid visa based on that data, you shall not be able to delete it at the time you make the erasure request, according to the provisions of art. 17 para. (3) let. (b) of GDPR. If no decision has been taken regarding the visa application, it shall no longer be possible to solve it, and it shall also be taken into account that the fee for processing the application cannot be returned.

*** Requests for the rights of data subjects to process data for visa and LBTP applications available online at www.mae.ro  shall be submitted, via a written, dated and signed request, in accordance with art. 38 para. (4) ) of the GDPR, to the person responsible with Data Protection within MFA, to the mail address dpo@mae.ro, respectively at the MFA controller headquarter, Aleea Alexandru 31, Sector 1, Bucharest, code 011822.

 

 

PROVIDING PERSONAL DATA VIA eVIZA PORTAL, SHOULD YOU CHOOSE TO SUBMIT AN ONLINE APPLICATION FOR VISA:

 

Categories of data subjects for processing and issuing of Romanian entry visas: third-party nationals subject to the European and national legal instruments governing the visa policy, namely the regime of aliens in Romania, by filling in Romanian visa applications, regardless of the purpose of travel.

Upon using eViza external portal - www.evisa.ro, at the moment of starting the online visa application process, it is necessary to know and agree the terms and conditions regarding the provision of your personal data for the purpose of processing and issuing Romanian entry visas.

Personal data provided via the eViza external portal shall be used exclusively for the purpose of processing, examining and issuing Romanian entry visas. These data shall be processed by the MFA only when the data subject has given his / her consent, by agreeing with the terms and conditions related to this issue.

The MFA processes exclusively the categories of personal data necessary for the examination of visa applications as established at the level of the European Union and national legislation. The MFA does not require or process sensitive data other than that required for the examination of an application for Romanian entry visa and the issuance of a visa in accordance with the legal provisions; all personal data and any sensitive data is processed under strictly safe conditions.

 

DETAILS OF INTEREST:

 

  • All personal data requested via the forms available on the eViza external portal is made available to the diplomatic missions and consular offices of Romania where the visa application chooses to present oneself.
  • Data from the external portal is stored on a centralized secured server that belongs to the MFA of Romania. When a visa file is sent to a diplomatic mission / consular office of Romania, it will be transferred to the internal portal related to eViza, being stored on a secured central server in the internal network of the MFA of Romania. At this time, personal data from the external portal will be transferred entirely to the secured network of the MFA, no longer available online.
  • When a visa applicant does not finish to fill in an application file, the partial personal data filled-in on the external portal, is stored on the central server that corresponds to the external portal of the MFA for a time period of 30 days. Upon expiration of this time period, the incomplete file and all related data filled-in, will be automatically deleted and no longer available online.
  • Personal data supplied via online visa application files, in the eViza portal, will be made available only to the competent Romanian authorities and will be processed by these authorities solely for the purpose of deciding as regards visa applications sent via this portal. This data may also be input and stored into databases accessible solely to the national Romanian authorities that exercise competencies in the field of visas, as per national legislation in force.
  • Identity of the Controller: exclusively the Romanian Ministry of Foreign Affairs, through the Romanian diplomatic missions and consular offices abroad.
  • The purpose for which data is processed is exclusively processing / examining visa applications made by third state nationals subject to the visa requirement to travel to Romania and, as the case may be, for issuing visas for entry on Romanian territory. Issued visas can also be annulled and revoked in accordance with legal provisions.
  • Recipients of personal data provided for the purpose of requesting Romanian entry visas: solely the competent national authorities provided for in art. 30 of Government Emergency Ordinance n° 194/2002 on the regime of aliens in Romania, with subsequent amendments and additions, as well as the competent authorities with the control at the state border crossing points. The data transmitted through the electronic files created via the eViza portal can be accessed exclusively by the MFA.
  • Visa applicants who do not consider necessary to provide the personal data needed to fill in the standard visa application forms shall take into account that the refusal to provide all the necessary data may lead to the rejection of visa applications.