Air passenger travel information

Air passenger travel information is used for baggage checks. It is also used to help the authorities detect and investigate terrorism and other serious crimes, improve border controls and counter illegal migration.

Processing passenger information

For operational purposes, airlines record information for each passenger who books a flight. This includes the date the reservation was made, the passenger’s contact details and baggage information. This information is called the Passenger Name Record (PNR). Airlines are also obliged under Dutch law to record the passport and travel details of every passenger who boards a plane. This includes their name and nationality, and information about their flight and journey. This data is called Advance Passenger Information (API).

Airlines send the PNR and API to the passenger information unit (Pi-NL) and Dutch Customs via the Travel Information Portal. After all the boarding checks have been completed, they also send the API to the Dutch Royal Military and Border Police (KMar).

The PNR and API are sent using an automated and secure system. The data in the PNR and API that Pi-NL, Customs and KMar are allowed to use is laid down in law. The data they are not allowed to use is erased.

Pi-NL combats terrorism and other serious crimes

The passenger information unit (Pi-NL) checks the data relating to passengers on all flights between the Netherlands and countries outside the EU. For flights within the EU, the processing of PNR data is limited to certain routes. Find out which countries are part of the EU. Pi-NL is allowed to process PNR data for all flights to and from the Netherlands if there is a genuine and present or foreseeable threat to security. Pi-NL only shares information with the competent authorities, such as the police and KMar, if there are good grounds to do so.

Pi-NL:

  • Compares passenger information with information in other databases and with risk criteria, such as travel patterns and routes. This helps investigative authorities identify individuals who may have malicious intentions.
  • Provides passenger information on request to organisations that are allowed by law to request certain information, such as Europol, competent authorities in the Netherlands or other EU member states and competent authorities in non-EU countries.
  • Analyses passenger information in order to fine-tune or draw up new risk criteria.

By law, Europol, competent authorities in the Netherlands or other EU member states and competent authorities in non-EU countries can also apply to Customs and KMar for passenger information that can help them combat terrorism and other serious crime. The law defines which organisations are competent authorities and what information they may request. Pi-NL is not authorised to issue alerts regarding individuals in databases used to compare passenger information. Alerts can only be issued by the competent authorities.

Passenger information and privacy

The Use of Passenger Information (Terrorist Offences and Other Serious Crimes) Act contains safeguards for passengers’ privacy. For instance, the Act says:

  • the processing of passenger information must be monitored by a data protection officer, including when passenger information is shared with competent authorities after 6 months;
  • how long passenger information may be kept for;
  • sensitive personal data may not be kept. This includes information about a passenger’s religion or ethnic origin;
  • information may only be shared with other countries if strict conditions are met;
  • certain elements of passenger information, like name, date of birth and travel document number, must be masked after 6 months. Anonymising this data means it cannot be linked to specific individuals. Only investigative authorities like the police may access this masked data after the 6-month period, with permission from the Public Prosecutor;
  • passenger information collected in the Netherlands must be stored and processed in the Netherlands.

There are also two other pieces of legislation that govern privacy:

  • The Police Data Act (WPG) sets out how the police must deal with personal data. It also applies to special investigative agencies and special enforcement officers (Customs). Some of the rules in the WPG also apply to Pi-NL.

The independent Data Protection Authority is responsible for monitoring compliance with this legislation. The Minister of Justice and Security has introduced various measures to ensure passenger information is processed in accordance with the law.

Viewing, changing or erasing passenger information

Find out how you as a passenger can submit a request to view or change your own passenger information or to have it erased. Customs, Pi-NL and KMar can only grant your request for the passenger information they have about you.

Your request cannot be about other information relating to past or future flights you have taken, as recorded by your airline or travel agent. Customs, Pi-NL and KMar cannot change booking information or flight information. To do this, you must contact your airline or your travel agent.

Retention period for passenger travel information

Customs keeps passenger information for 48 hours after a flight has arrived or departed. If necessary, it can be kept for up to 28 days. It is stored in the Travel Information Portal. After the retention period, personal data that can be traced directly to specific individuals is erased. Customs uses data that cannot be traced directly to individual travellers for statistical analysis.

As prevention, detection, investigation and prosecution of terrorist offences and other serious crimes can take more time, Pi-NL keeps passenger information longer – for up to 5 years if it has good grounds to do so. Otherwise, passenger information is kept for up to 3 years.

KMar erases API data 96 hours after a flight has arrived. Under the WPG, however, data may be kept longer if it is needed for a criminal investigation or for other police tasks.

How Customs uses passenger information

Customs uses passenger information to perform risk analyses that enable more targeted baggage checks. This benefits the quality and speed of the baggage control process and minimises the inconvenience to passengers. Customs analyses the data of:

  • passengers on all flights between the Netherlands and non-EU countries;
  • passengers on flights to or from a non-EU country, whose journey includes a transfer in the EU.

Read more about how Customs uses passenger information.

How the Royal Military and Border Police uses Advance Passenger Information

At the API Centre in Soesterberg, the Royal Military and Border Police (KMar) processes Advance Passenger Information (API) relating to flights from countries that are not part of the EU and countries that are not part of the Schengen area. KMar processes this data in accordance with the Aliens Act 2000. Find out on the KMar website which data makes up the API dataset and how KMar stores and processes this data at the API Centre (in Dutch).

The table below gives an overview of what passenger information is processed by Pi-NL, Customs and KMar.

Table: Passenger information, use by organisations, retention period and applicable legislation

| | Pi-NL | Customs | Royal Military and Border Police |
|---|---|---|---|
| Passenger information | PNR and API | PNR | API |
| Tasks | Combating terrorism and other serious crimes | Baggage controls | Combating illegal migration; border checks for individuals |
| Flights | All flights between the Netherlands and non-EU countries; selected flights between the Netherlands and EU member states. In the event of a genuine present or foreseeable security risk: all flights to and from the Netherlands | All flights arriving in the Netherlands from a location outside the EU; all flights departing from the Netherlands to a destination outside the EU; passengers on flights to or from a non-EU country, whose journey includes a transfer in the EU | All flights arriving in the Netherlands from a location outside the EU; all flights arriving in the Netherlands from a location in the EU but outside the Schengen area |
| Retention period | 3 years; 5 years, if there are good grounds to believe the passenger poses a terrorist or serious criminal threat, relating to civil aviation | 48 hours. If necessary, the data can be kept for up to 28 days. | 96 hours, or longer if further investigation is required; in that case, the retention period laid down by the Police Data Act (WPG) applies. |
| Legislation | Use of Passenger Information (Terrorist Offences and Other Serious Crimes) Act | Union Customs Code (UCC) and the Dutch General Customs Act | Aliens Act 2000 and Aliens Decree |