¹ This order shall apply in so far as the Association Agreements in Dublin do not provide otherwise.

² The association agreements in Dublin are listed in Annex 4.

(art. 96 and 99 A to 102 LAsi; art. 2 LDEA) ²

The State Secretariat for Migration (SEM) ³ Exploits the following information systems in the course of carrying out its legal tasks:

A.

The central migration information system (SYMIC) in accordance with the SYMIC order of 12 April 2006 ⁴ ;

B.

The Artis database;

C.

The administration of loans;

D.

Collection of Turkish judicial documents;

E.

The Asylum Financing Data Bank (Finasi);

F.

The medical case database;

G.

The "Individual Return Assistance" data bank;

H. ⁵

...

I.

The information system for registration and procedure centres and airport accommodation (MIDES);

J.

The AURORA information system referred to in s. 12 of the order of 11 August 1999 on the execution of the removal and expulsion of aliens ⁶ ;

K. ⁷

The Interpreter Pool (DOPO) database.

¹ The Artis database collects documents containing information about the countries of origin of asylum seekers.

² It does not include any sensitive data or personality profile. If a document that does not come from a public source contains people's names, it is made anonymous before it is entered into the database.

³ All employees of the SEM and the Federal Administrative Tribunal have access to the data.

⁴ The SEM may make available through an appeal procedure the information contained in Artis:

A.

The cantonal police authorities of foreigners;

B.

Federal government officials who need information about the countries of origin of asylum seekers to carry out their work;

C.

The authorities of foreign states and international organisations with which Switzerland has an institutionalised exchange of information.

¹ Loan administration lists loans to recognized refugees.

² SEM staff responsible for the administration of loans have access to the data.

¹ The collection of Turkish judicial documents is a reference database containing Turkish court documents which have been submitted by asylum seekers and whose authenticity has been confirmed.

² SEM collaborators who specialize in forensic analysis have access to the data.

¹ The Finasi database contains the data necessary for the payment of the packages according to Art. 20, 22, 24, 26, 28 and 31 of Order 2 of 11 August 1999 on asylum (OA 2) ² And art. 18 of the Ordinance of 24 October 2007 on the Integration of Foreigners (OIE) ³ .

² This includes the personal data of asylum seekers, persons admitted provisionally, refugees and stateless persons, namely their surname, given name, date of birth, nationality, gainful occupation, personal number, AVS insurance number, and OFS number of their home municipality. ⁴

³ These data are kept for three years for control purposes. Then, when the Federal Archives deems them to be of no archival value, they are erased.

⁴ The collaborators of the SEM responsible for the payment of packages have access to the data.

¹ The medical case data bank contains the statement of facts and medical case decisions. It allows for the establishment of a uniform procedure for the treatment of medical cases.

² Data are available to the medical case workers of the EMM.

¹ The "Individual Return Help" database contains the amounts paid to applicants for individual return assistance.

² The SEM staff responsible for monitoring and evaluation of individual return assistance have access to this data bank.

(art. 99 A, Al. 3, 99 B , 99 C And 99 D, Al. 1, LAsi)

¹ MIDES is used to process the personal data of asylum seekers and persons to be protected.

² Annex 5 defines all the data contained in MIDES, the access levels and the data processing authorisations.

³ The SEM shall lay down in a processing regulation in particular the organisational and technical measures to be taken to avoid the unauthorised processing of the data and regulates automatic data processing and the security of the data Data.

¹ The DOPO database contains the following data on people who are required to plan and conduct the hearings:

A.

Personal data;

B.

Intervention plans; and

C.

The data that is included in the remuneration of the following persons:

1.

Interpreters,

2.

Minutes,

3.

Specialists from countries of origin,

4.

LINGUA experts, and

5.

The LINGUA staff responsible for the hearings,

6. ²

Assessors of interpretation benefits.

² Access to this data is provided by the SEM employees who are responsible for planning and conducting the hearings, as well as for the payment of remuneration in accordance with para. 1, let. C.

³ The following people can access only their own work plans:

A.

Interpreters;

B.

Minutes,

C.

Experts from countries of origin;

D.

LINGUA experts; and

E.

LINGUA staff responsible for the hearings;

F. ³

Assessors of interpretation benefits.

⁴ The DOPO database has interfaces with the following systems:

A.

SYMIC to consult the data of the asylum seekers needed to plan the hearings, in particular the reference number, nationality, language, as well as the date and place of filing of the application;

B.

The personnel information system of the Federal Administration BV PLUS to collect the data necessary for the payment of remuneration in accordance with para. 1, let. C.

(art. 97, para. 1 and 2 LAsi)

The federal and cantonal authorities who intend to communicate to the State of origin or source data relating to an asylum applicant, a recognised refugee or a person to be protected residing in Switzerland must first ascertain from the SEM that the application for asylum has been rejected at first instance or that a decision on non-entry has been made, or that the communication of such data does not endanger the person concerned or his relatives.

(art. 97, para. 3, let. B, LAsi)

If it is necessary to transmit the fingerprints of a person to his or her State of origin or of origin for the purpose of ensuring the execution of the reference, it must not be shown that the person concerned has applied for asylum in Switzerland.

(art. 98 A LAsi)

Where there are serious grounds for suspecting a crime under s. 1, para. F, let. A and c, of the Convention of 28 July 1951 relating to the status of refugees ² , the SEM shall transmit to the competent criminal prosecution authorities the information and the means of evidence available to it.

(art. 98 B LAsi)

¹ In order to establish the identity of asylum seekers and persons to be protected, the competent authorities may identify the following biometric data:

A.

Fingerprints;

B.

Photographs.

² Access to the data listed in para. 1 is regulated in Annex 1 of the Ordinance of 12 April 2006 on the Central Migration Information System (SYMIC Ordinance) ² . Biometric data are recorded in the Automated Fingerprint Identification System (AFIS), which contains no data on the person.

(art. 99 LAsi and art. 13, para. 2, LDEA ² )

¹ No biometric data for children under 14 accompanied by one of their parents will be identified.

² Biometric data for unaccompanied children under 14 years of age are identified only if their treatment is used to identify them.

³ When applications filed abroad, at the border, in airports or in the cantons are submitted to them, the competent authorities on the spot report biometric data.

⁴ When the request emanates from a detainee, the SEM requests the Federal Police Office (fedpol) to form a fingerprint form drawn up by the police. It provides a control number for the asylum procedure before sending it back to fedpol for a separate registration as an asylum form.

⁵ The SEM may entrust private undertakings to identify and process biometric data in the registration centres and at airports, to the extent that these undertakings can ensure that they comply with the provisions relating to Data protection.

⁶ The SEM makes available to the police services responsible for an investigation the biometric data available to it, if it is necessary for the elucidation of offences. The police services are only authorised to transmit this data to foreign authorities with the agreement of the SEM.

⁷ Where the biometric data identified by the foreign police services (INTERPOL) are consistent with those recorded by the SEM, the latter shall decide, pursuant to Art. 97, para. 1, LAsi, if it is permissible to transmit the results to foreign authorities.

(art. 102 C , para. 3 and 4, LAsi)

There is adequate protection of the person concerned within the meaning of s. 102 C , para. 3, LAsi where sufficient guarantees resulting in particular from contractual clauses and relating to the data transmitted and their processing are provided on the following points:

A.

The principles of lawfulness, good faith and accuracy are respected;

B.

The purpose of the data communication is clearly determined;

C.

The data are processed only within the limits necessary for their communication;

D.

The authorities authorised to process the transmitted data are clearly designated;

E.

The transmission of data to another State which does not provide an adequate level of protection is prohibited;

F.

The retention and destruction of data is clearly regulated;

G.

The data subject has the right to correct inaccurate data;

H.

The data subject is informed of the processing of his or her personal data and the framework conditions of the latter;

I.

The data subject has a right of access to his personal data;

J.

Data security is guaranteed;

K.

The person concerned has the right to bring an independent authority to court if it considers that his or her personal data have been unlawfully treated.

¹ Within the framework of the application of the association agreements in Dublin ² , before transferring an applicant for asylum to the responsible State bound by one of these agreements (Dublin State), the SEM must transmit to that State the following data:

A.

The personal data referred to in Annex VI to Regulation (EC) No 1560/2003 ³ ; and

B.

For persons who require medical care or treatment, information concerning their physical and mental health status in accordance with Annex IX to Regulation (EC) No 1560/2003.

² The information in para. 1, let. B, may be transmitted only between health professionals or persons subject to equivalent professional secrecy and only with the express consent of the person concerned or his representative. If the data subject is not in a position to give consent for physical or legal reasons, data concerning him may exceptionally be transmitted without his or her express consent if the protection of his or her vital interests or Those of a third party require it.

³ The procedure is governed by s. 31 and 32 of the Regulation (EU) No 604/2013 ⁴ And art. 8, para. 3, and 15 A Regulation (EC) No 1560/2003.

¹ In special cases, the SEM may communicate to the authorities of the Confederation, the cantons and the municipalities, as well as to private organisations, the personal data they need to carry out their legal duties.

² In general, personal data are not communicated to individuals. On an exceptional basis, the address of a person may be communicated where the applicant is able to prove that he or she needs it in order to exercise rights or to defend other interests worthy of protection.

¹ The SEM may communicate lists containing personal data to the authorities of the Confederation, the cantons and the municipalities and to private organisations if they need it for the performance of their legal duties and Processing of the applicant authority is compatible with the objective set out in the law.

² The disclosure of lists containing personal data to individuals is not permitted.

(art. 102 A ^Ter LAsi)

¹ A fingerprint expert from AFIS ADN Services of the Federal Police Office (fedpol) is responsible for verifying the results obtained in the consultation of the Eurodac databank.

² In the case of a positive response to a consultation of the Eurodac databank, the SEM makes the results available to AFIS ADN Services. The expert shall carry out the verification as soon as possible and shall immediately forward the result of his audit to the MS.

³ If the check indicates that the fingerprints do not match, the SEM immediately clears the result of the consultation.

⁴ The SEM informed the European Commission and the Agency-LISA of the mismatch of fingerprints as soon as possible, but no later than three working days.

⁵ AFIS DNA Services also checks fingerprints:

A.

When, following the granting of international protection to a person by a Dublin State and the subsequent marking of the data in Eurodac, the SEM is informed that it has already seized the data of that person and receives the fingerprints Fingerprinting of the system unit for marking; or

B.

When, upon the early erasing of a person's data in Eurodac, the SEM is informed that he has already entered the data of that person and receives the fingerprints of the system unit for the purpose of erasing them.

¹ If a person asserts his right of access, his right to rectification or his right to the erasure of Eurodac data, the person must provide the particulars necessary for his identification, including fingerprints, and submit an application Written to SEM.

² The SEM processes the request for permission in agreement with the authority that entered the data or with the state that transferred the data to the system unit.

³ It registers all requests for access and transmits it to the Federal Data Protection and Transparency Officer (PPDT). He informs the latter of the manner in which the application has been processed.

⁴ If a person asserts his right to the rectification or erasure of Eurodac data which has not been seized by the Swiss authorities, the SEM shall make contact within a reasonable time with the States which have seized the data and shall transmit it to them Request. The SEM shall inform the data subject of the transmission of the request.

⁵ The SEM processes requests for access, rectification or erasure without delay.

⁶ It shall confirm in writing, without delay, any rectification or deletion of the data to the data subject. If he is not prepared to correct or delete the data, he will make his reasons known.

⁷ The particulars necessary for the identification of the person referred to in para. 1, including fingerprints, are erased immediately after processing the application.

Liability for damage arising from the operation of Eurodac is governed by the law of 14 March 1958 on liability ² , in particular by his art. 19 A To 19 C , which apply by analogy.

¹ In carrying out its tasks, the TDP collaborates with the European Data Protection Supervisor and is the national contact point for the latter.

² The TDP is the national authority within the meaning of s. 29, para. 11-13 and 30 of Regulation (EU) No 603/2013 ² It is responsible for performing the tasks defined in these items.

Data security is governed by:

A.

The Order of 14 June 1993 on the Federal Data Protection Act ² ;

B.

Chapter of the December 9, 2011 Ordinance on Information Technology in the Federal Government ³ Relating to computer security;

C.

Federal Council guidelines of 14 August 2013 on the security of ICT in the federal government ⁴ .

Data that is no longer in use is archived or destroyed. They are archived or deleted in collaboration with the Federal Archives.

¹ ... ¹

² The SEM may communicate to the authorities, universities and their institutes and private organisations personal data for research and planning purposes. The names of the persons concerned must not be provided, to the extent that the purpose of the treatment allows. The results must be published in such a way that it is impossible to determine who is the data subject. The transmission of such data shall be lawful only with the consent of the SEM.

This order shall enter into force on 1 ^Er October 1999.