Non-EU travellers heading to EU/Schengen countries will soon face biometric border controls as the EU’s new Entry/Exit System (EES) comes into force from October 12th. But can travellers opt out?
The EES scheme will gradually replace passport stamps with fingerprinting and facial scans for short-stay visitors, according to the European Commission.
The Commission says the system is required to prevent overstays, stop identity fraud and strengthen external border security.
It is being rolled out in phased approach across Europe from October 12th and will be fully in place by April 2026.
Who must give biometrics – and who doesn’t?
The EES applies to visitors from countries such as the UK, US and Canada as well as holders of short-stay Schengen visas. They will need to have their fingerprints and a facial image taken at their first entry, with the information stored for future crossings. EU and Schengen citizens are exempt, as are non-EU nationals who hold a valid residence card in an EU/Schengen country.
But can I opt out of giving fingerprints and facial scans?
Well you can, but you won’t be allowed to travel. The EU puts it simply: “If you refuse to provide your biometric data, you will be denied entry into the territory of the European countries using the EES.”
In other words you’ll just have to turnaround and go home.
READ ALSO: How will the EU’s new EES passport checks affect the 90-day rule?
Why is your data collected?
According to the Commission, the EES is designed to reinforce border management, prevent irregular migration, and keep track of overstayers. It also aims to identify travellers using false identities or passports, and to help prevent and investigate terrorism and other serious crimes. In short, the biometric scans are meant to speed up border checks while tightening security.
So what data gets stored and for how long?
Advertisement
The system records a traveller’s passport details, date and place of entry and exit, fingerprints, a facial image, and any refusal of entry. In most cases, records are held for three years. If someone overstays, their file can be retained for up to five years. Data is automatically deleted when the legal storage period expires.
READ ALSO: How you can prepare for travel under Europe’s new EES and ETIAS rules
Who can see the data?
Border guards and immigration authorities will utilise the system to verify identities and determine entry rights. Law enforcement agencies in Schengen countries and Europol may access the data under strict conditions for counter-terrorism or serious crime investigations. Airlines and transport companies cannot access personal information, but they can verify whether a visa has been used up.
Advertisement
How is your data protected?
The Commission says the EES follows strict EU data protection laws and is supervised both by national data protection authorities and the European Data Protection Supervisor. Data is stored in a secure central database managed by the EU Agency eu-LISA, which ensures compliance with privacy rules.
The system has been built with “data protection by design and by default,” meaning only authorised staff can access it, and only for specific purposes.
Travellers have the right to request access to their EES record and to ask for corrections if data is wrong or incomplete. They can also request deletion of unlawfully processed data. Complaints can be lodged with national data protection authorities or, in some cases, the European Data Protection Supervisor.
