Passenger Name Record (PNR) data is information provided by passengers and collected by air carriers during booking and checking procedures. PNR data includes information, such as travel dates, itineraries, ticket information, contact details, luggage and payment information.
PNR data is a very important law enforcement tool which facilitates the prevention, detection and investigation of terrorism and other forms of serious crime (such as drugs, human trafficking, sexual exploitation of children and others) and allows, through the evaluation of PNR data, the identification of persons who prior to the analysis of such data would not be controlled by authorities for involvement in terrorism or serious crime.
According to Law 4579/2018 (which incorporated Directive (EU) 2016/681 on PNR), air carriers of flights within or outside the European Union, which land on or take off from Greece, are obliged to transmit data contained in the PNR to the competent passenger information unit of the Greek Police. The PNR data collected is processed only for the purpose of preventing, investigating and prosecuting terrorist and serious crimes. The processing, i.e. collection, use, retention and exchange of such data with the other Member States and Europol, is regulated in detail in the law. In addition, the serious crimes for which data processing is needed, as well as the specific data contained in the collected PNR are restrictively defined. Provision is also made for the appointment of a Data Protection Officer (DPO) in order to ensure the lawful processing of PNR data.
The data is kept for a period of five (5) years, while six (6) months after their transmission they are depersonalised by covering specific identifiers.