A Digital Product Passport (DPP) is a standardized, machine-readable digital record — covering a product's origin, material composition, repairability, and recycling data — that the EU now requires for most physical products sold in its market under the ESPR (Regulation (EU) 2024/1781, in force since July 2024). Brands already collecting data for existing EU regulations (Textile Labelling, REACH, CE marking) likely have 40–60% of what a DPP demands, making compliance more incremental than it first appears.
This guide breaks down what DPPs are, the legal timeline, and what steps you should be taking now.
What Is a Digital Product Passport?
A Digital Product Passport is a standardized digital record attached to a physical product. It contains information about the product's origin, composition, repair and disassembly instructions, and end-of-life recycling guidance.
Think of it as a product's birth certificate, medical history, and end-of-life plan combined into a single, machine-readable dataset. Anyone in the supply chain — from manufacturers to recyclers — can access the relevant portions of this data.
Each DPP is linked to the physical product through a data carrier, typically a QR code, RFID tag, or NFC chip printed on the product or its packaging. Scanning it provides immediate access to the passport data.
What Information Does a DPP Contain?
The exact data requirements vary by product category, but most DPPs will include:
- Product identification — unique identifiers, model numbers, batch information
- Materials and composition — what the product is made of, including hazardous substances
- Manufacturing details — where and how it was produced, carbon footprint data
- Repair information — disassembly instructions, spare parts availability
- Recycling guidance — how to properly recycle or dispose of the product
- Compliance documentation — certifications, declarations of conformity
- Sustainability metrics — durability scores, recycled content percentages
Why Is the EU Requiring Digital Product Passports?
The DPP requirement is part of the Ecodesign for Sustainable Products Regulation (ESPR) (Regulation (EU) 2024/1781), which the European Parliament adopted in 2024. The ESPR replaces the older Ecodesign Directive and dramatically expands its scope.
The previous directive only covered energy-related products like washing machines and light bulbs. The ESPR applies to nearly all physical products sold in the EU, with only a few exceptions (food, feed, and medicinal products).
The EU has three core goals with this regulation:
1. Enable the Circular Economy
Europe currently wastes enormous quantities of reusable materials. DPPs make recycling and repair practical by giving recyclers detailed composition data and giving repair shops the technical documentation they need. When a recycling facility knows exactly what plastics, metals, and chemicals are in a product, material recovery rates increase dramatically.
2. Empower Consumers
Today, consumers have limited visibility into how products are made. A DPP gives shoppers access to sustainability data, durability ratings, and repairability scores before they buy. This transparency shifts market incentives toward more sustainable production.
3. Improve Market Surveillance
Customs authorities and market surveillance bodies need better tools to verify product compliance. DPPs create a verifiable digital trail that regulators can check at borders and in retail environments. Counterfeit products become harder to pass off when every legitimate product carries a machine-readable digital identity.
The ESPR Timeline: When Do You Need to Comply?
The ESPR (Regulation (EU) 2024/1781) entered into force in July 2024, but the DPP requirements roll out in phases over several years. The regulation uses delegated acts — secondary legislation that sets the detailed rules for each product category.
Here is the expected timeline:
| Phase | Timeframe | Product Categories |
|---|---|---|
| Phase 1 | 2026–2027 | Batteries (already in effect under Battery Regulation), textiles (delegated act expected) |
| Phase 2 | 2028–2029 | Electronics, furniture, construction products, chemicals |
| Phase 3 | 2030+ | Remaining product categories as delegated acts are published |
Batteries are already covered. The EU Battery Regulation (Regulation (EU) 2023/1542, separate from ESPR) requires digital passports for industrial and EV batteries starting February 2027. This is the first live DPP mandate and serves as the template for all other categories.
For textiles, a draft delegated act is expected in 2026–2027, with compliance deadlines likely falling in 2028. Electronics delegated acts are expected to follow, with compliance around 2028–2029.
How the Delegated Acts Work
The ESPR is a framework regulation — it establishes the legal basis for DPPs but delegates the product-specific details to the European Commission. For each product category, the Commission will publish a delegated act specifying:
- Which data fields are required
- Data format and interoperability standards
- Who must provide which information
- Transition periods and deadlines
This phased approach means brands have time to prepare, but the preparation itself takes significant effort. Waiting until a delegated act is published to start planning will put you behind competitors who began early.
Who Needs a Digital Product Passport?
Any business that places products on the EU market will need to provide DPPs for covered product categories. This includes:
- Manufacturers based in the EU
- Importers bringing products into the EU from third countries
- Authorized representatives acting on behalf of non-EU manufacturers
- Brands and retailers selling under their own label (white-label products)
The obligation falls on whoever first makes the product available on the EU market. If you manufacture in China and sell in Germany, you (or your EU-based importer) are responsible for creating and maintaining the DPP.
Small Business Considerations
The ESPR acknowledges the burden on small and medium enterprises (SMEs). The delegated acts may include simplified requirements or extended transition periods for smaller businesses. However, the core obligation applies regardless of company size — if you sell covered products in the EU, you need DPPs.
There is no SME exemption from the core DPP obligation. The only SME-specific provision in the ESPR is a limited delay for the destruction ban on unsold goods. Every brand placing covered products on the EU market must comply, whether you have 5 employees or 5,000. See our DPP challenges guide for an honest look at what small brands face.
Starting early gives SMEs an advantage: building the data collection processes now is far less disruptive than scrambling under a deadline.
How Do Digital Product Passports Work in Practice?
The DPP system involves several interconnected components:
Data Carriers
Every physical product needs a scannable identifier — the data carrier. Options include:
- QR codes — cost-effective, easy to print on packaging or labels
- RFID tags — useful for logistics and inventory, can be read without line of sight
- NFC chips — ideal for consumer interaction (tap to scan with a smartphone)
- Data Matrix codes — compact, suitable for small products
The data carrier links to a URL where the passport data is hosted. Scanning the code retrieves the relevant information.
Data Hosting
DPP data must be hosted on systems that meet specific availability and interoperability requirements. The data must remain accessible for a defined period after the product is placed on the market (typically the product's expected lifetime plus a buffer period).
The EU is developing a centralized DPP registry that will serve as the authoritative index. Individual DPPs can be hosted by manufacturers or third-party platforms, but they must be registered in the central system.
Access Levels
Not all DPP data is public. The ESPR defines different access levels:
- Public access — basic product information, sustainability data, consumer-relevant details
- Supply chain access — detailed composition data, manufacturing specifics (accessible to business partners)
- Regulatory access — full dataset including proprietary information (accessible only to market surveillance authorities)
This tiered approach protects trade secrets while ensuring transparency where it matters.
Much of the data a DPP requires is not new. If you already comply with the EU Textile Labelling Regulation (material composition), REACH (substances of concern), and CE marking (conformity documentation), you have the foundation for roughly half the DPP data fields. The challenge is digitizing and structuring that data, not generating it from scratch. Our DPP data requirements guide breaks down exactly what is confirmed vs. expected.
How Much DPP Data Do You Already Have?
One of the most common misconceptions about the DPP is that it requires brands to generate an entirely new dataset from scratch. In reality, multiple existing EU regulations already mandate much of the same information — just in different formats. If you are already selling products in the EU and complying with current labelling, safety, and chemical regulations, you have a significant head start.
| DPP Data Category | Already Required Under | What's New for DPP |
|---|---|---|
| Material composition (fiber %, weight) | Textile Labelling Regulation (EU 1007/2011) — mandatory on garment labels since 2012 | Digitized, machine-readable format; more granular breakdown by component |
| Substances of concern | REACH Regulation (EC 1907/2006) — SVHC declarations already required | Structured digital format; linked to product identifier |
| Product identification (GTIN, model) | GS1 standards — already used by 80%+ of retail brands for barcodes (GS1, 2024) | Serial/batch-level identifiers; GS1 Digital Link URI format |
| Conformity documentation | CE marking under relevant EU directives | Digital, machine-readable; registered in EU DPP registry |
| Country of manufacture | Origin marking rules vary by product type | Expanded to multi-tier supply chain locations (phased rollout) |
| Care instructions | ISO 3758 care symbols — already on garment care labels | Digital format; linked to repair and end-of-life guidance |
| Carbon footprint | New for most product categories | Full lifecycle calculation methodology TBD |
| Recycling/end-of-life guidance | WEEE Directive (electronics); limited for textiles | Expanded to all product types; standardized format |
| Durability/repairability scores | New requirement under ESPR | Scoring methodology and thresholds TBD per delegated act |
For most brands already selling in the EU, roughly half the DPP data categories map to information you are already collecting or reporting under existing regulations. The genuine new requirements — carbon footprint calculations, durability scoring, and multi-tier supply chain traceability — are the areas where preparation effort should concentrate. Our DPP data requirements guide breaks down each category by confidence tier.
How Should You Start Preparing for DPP Compliance?
Even if your specific product category does not yet have a delegated act, you can begin preparing now. The companies that start early will have smoother compliance processes and may even gain competitive advantages from the transparency DPPs provide.
Step 1: Audit Your Product Data
Map out what data you already collect about your products. Identify gaps between your current data and the likely DPP requirements. Common gaps include:
- Detailed material composition breakdowns
- Supply chain origin data (beyond tier 1 suppliers)
- Carbon footprint calculations
- Repair and disassembly documentation
Step 2: Engage Your Supply Chain
DPP data comes from multiple points in the supply chain. Start conversations with your suppliers about data sharing. You will need composition data, origin information, and sustainability metrics from upstream partners.
Step 3: Choose Your Technology Platform
You need a system to create, host, and manage your DPPs. Look for platforms that support the emerging ESPR data standards and can generate the required data carriers (QR codes, RFID programming, etc.).
Step 4: Pilot With a Product Line
Do not try to create DPPs for your entire catalog at once. Pick a representative product line and build a complete DPP for it. This pilot will surface data gaps and process issues that you can fix before scaling.
Step 5: Monitor the Delegated Acts
Stay informed about the regulatory developments in your product category. The European Commission publishes drafts for public consultation before finalizing delegated acts, giving you advance notice of the specific requirements.
Frequently Asked Questions
How much does DPP compliance cost?
Costs vary significantly based on product complexity, catalog size, and existing data infrastructure. The major cost drivers are data collection (especially from supply chains), technology platform fees, and ongoing data maintenance. SMEs should budget for both setup costs and annual operating expenses.
Can I use an existing QR code for my DPP?
You can use QR codes as data carriers, but they need to link to a DPP-compliant data endpoint. Existing marketing QR codes that link to a website landing page would not qualify. The QR code must resolve to structured passport data in the required format.
What happens if I do not comply?
Non-compliance with the ESPR can result in products being prohibited from the EU market. Member states will set specific penalties, which may include fines, product recalls, and import bans. The exact enforcement mechanisms will be detailed in the delegated acts for each product category.
Does the DPP requirement apply to products sold online?
Yes. The DPP requirement applies to all products placed on the EU market, regardless of the sales channel. Online marketplaces and e-commerce sellers must ensure their products carry valid DPPs. The EU is also developing rules that require online marketplaces to verify DPP compliance before listing products.
How long must I maintain a DPP?
The DPP must remain accessible for at least the expected lifetime of the product, and in some cases longer to support end-of-life recycling. Specific retention periods will be defined in each delegated act. For durable goods, this could mean 10 years or more.
Getting Started With PassportCraft
PassportCraft helps small and mid-sized brands create EU-compliant Digital Product Passports without enterprise complexity or pricing. Our platform handles data collection, QR code generation, and DPP hosting so you can focus on your products.
Check your compliance readiness with our free assessment tool, or explore our pricing to see how PassportCraft fits your business.
