The Carbon Border Adjustment Mechanism (CBAM)
14 min
Level
In this article, we break down what the EU CBAM is, how it works, and what businesses need to do to comply.
ESG / CSR
Industries
MEASURE
ACT
COMFORM
The EU Digital Product Passport (DPP): What You Need to Know
Level
By Kara Anderson, UK Copywriter, on 23/04/2026
Updated by Kara Anderson, on 21/04/2026
The EU digital product passport (DPP) is a cornerstone of Europe’s move toward a transparent, circular economy. Introduced under the Ecodesign for Sustainable Products Regulation (ESPR), the DPP acts as a digital twin for physical goods. It is a record that travels with a product, storing details on its origin, composition, and repair or recycling instructions.
As of April 2026, the framework has moved into active implementation. While the framework is in place, the first wave of sector-specific requirements starts in 2027. For businesses, the DPP is shifting from a future concept to a daily operational reality designed to improve supply chain visibility and provide consumers with reliable information.
In this article, we will cover:
What the digital product passport (DPP) is and why the EU is introducing DPPs
Which regulations apply (including ESPR)
What data a DPP must contain
The latest DPP timeline (2024–2030)
Which products and industries are affected and what businesses need to do to prepare
What is a digital product passport?
Think of a DPP as a structured digital resume that tracks a product’s journey from manufacture to recycling. Linked via a QR code, barcode, or NFC tag, it allows stakeholders - from warehouse managers to customers - to access vital data instantly. It serves as a single source of truth to standardise data across supply chains.
What is inside a typical passport?
Product ID
Unique serial numbers, model references, and manufacturer details for clear product traceability.
Materials
Composition, recycled content, and information on any substances of concern used in the product.
Environmental impact
Carbon footprint data and lifecycle metrics to help assess environmental performance.
Maintenance
Instructions for use, repair guidance, and spare parts availability to extend product life.
End-of-life
Guidance for reuse, recycling, refurbishment, or safe disposal at the end of the product’s life.
Close
Why is the EU introducing the DPP?
The Digital Product Passport (DPP) is not just another layer of bureaucracy; it is a central tool in the EU’s mission to build a resource-efficient economy. It acts as the practical engine behind big-picture goals like the European Green Deal and the Circular Economy Action Plan.
The primary problem the EU is solving is the data gap. In today’s global supply chains, information about what a product is made of or how it can be fixed is often missing, inconsistent, or hidden, which makes it nearly impossible for businesses, regulators, or shoppers to make truly green choices. The DPP bridges this gap by creating a shared digital language for product data.
What this changes in practice:
01
Total transparency
You can track a product’s journey all the way from raw materials to the recycling centre.
02
True traceability
It becomes easy to verify exactly what is inside a product and where those components came from.
03
Right to repair boost
By providing clear manuals and spare parts lists, the DPP makes it much easier to keep products in use longer through repair and reuse.
04
Cutting through greenwashing
Because the data must be verifiable, companies can no longer make vague sustainability claims without the proof to back them up.
05
Stronger enforcement
Regulators can quickly check if products meet EU standards, ensuring a level playing field for companies that actually follow the rules.
Which regulation introduces the DPP?
The digital product passport is the flagship feature of the Ecodesign for Sustainable Products Regulation (ESPR), which entered into force in July 2024. This regulation establishes a comprehensive framework to improve the environmental sustainability of products across the EU market
Rather than a one-size-fits-all rule, the EU uses a layered approach to manage different product needs:
-
The framework (ESPR): This defines the big-picture goals, governance, and what a DPP is at a high level.
-
The fine print (delegated acts): These are product-specific rules that specify exactly what data a company must upload for their particular sector.
While the ESPR provides the general foundation, other legislation also incorporates the DPP concept. For example, the EU Battery Regulation first introduced the mandatory passport requirements that now serve as a model for all future product categories.
How does the DPP work?
The DPP is a bridge between a physical product and its digital twin. Instead of cramming data onto a small label, the product carries a link to a secure, cloud-based record. Because this record is digital, it can be updated in real-time, allowing the product's information to evolve from the factory to the recycling centre.
The 5-step process
1
Unique identity
Every product or batch is assigned a unique digital ID, similar to a social security number, ensuring it can be tracked individually throughout its life.
2
Building the record
Manufacturers and suppliers upload required info - such as material sources, carbon footprints, and safety certificates - into a secure database following specific EU rules.
3
The physical link
A data carrier is added to the product or packaging. While QR codes are most common for consumer ease, industries may use NFC tags or RFID for faster warehouse scanning.
4
Connecting to the registry
The EU is launching a Central Registry that acts as a library index. It does not store your private data but records that a passport exists and tells authorised users where to find it.
5
Accessing the information
When scanned, the system provides a version of the data tailored to the user’s role: consumers see repair guides, regulators see compliance certificates, and recyclers see disassembly instructions.
Which products will require a DPP?
The EU is rolling out requirements priority-first, focusing on products with high environmental impact or high potential for circularity. As of April 2026, the following sectors are at the forefront:
Batteries: Industrial and electric vehicle (EV) batteries are the trailblazers, with mandatory passports required by February 2027.
Textiles and apparel: Due to high waste levels, requirements for garments are expected by 2027; notably, large firms are already banned from destroying unsold clothing as of July 2026.
Iron, steel, and aluminium: These intermediate products are the backbone of construction; tracking for carbon intensity and recycled content is expected by late 2026 or early 2027.
Electronics and ICT: Focus is on repairability, battery health data, and instructions for recovering rare earth metals.
Furniture and mattresses: The EU aims to standardise tracking for wood, chemicals, and textiles in high-impact home goods.
Tires: Included in the 2025–2030 Working Plan to track durability and environmental impact from wear over time.
Who needs to comply?
Compliance is required for any economic operator placing products on the EU market, regardless of whether they are based in Europe or elsewhere.
Manufacturers
Hover to flip
Manufacturers
Carry the heaviest lift, responsible for creating the DPP, collecting and validating all data (from material origin to carbon footprint), and maintaining accuracy over time.
Importers
Hover to flip
Importers
Act as the legal shield, verifying that a valid, scannable DPP exists before a product crosses the border and ensuring the manufacturer has met EU standards.
Distributors and retailers
Hover to flip
Distributors and retailers
Must ensure every regulated product on their shelves features a visible, functional data carrier and provide access to necessary info for customers or repairers.
Authorised representatives
Hover to flip
Authorised representatives
For non-EU companies (e.g., in the US or Asia), these representatives act as a local point of contact for legal paperwork and regulatory compliance.
Digital product passport timeline (2024–2030)
The rollout of the DPP is a phased process designed to give industries time to adapt to new digital requirements. The following roadmap outlines the transition from the initial legal framework to the mandatory adoption across all major sectors by the end of the decade.
2024
2024
The ESPR framework officially becomes law, and experts begin defining technical standards for QR codes and data formatting.
2025
2025
The European Commission releases the first roadmap naming priority groups (textiles, steel, electronics) and industry collaboration on digital infrastructure begins.
2026
2026 (Active Phase)
The EU Central Registry is scheduled to go live. Detailed rules for iron and steel are being finalised, and the ban on destroying unsold textiles takes effect.
2027
2027
Mandatory passports go live for industrial and EV batteries (February 18). The first waves of textiles and apparel are expected to follow.
2028+
2028–2030
The DPP expands to include furniture, tires, and consumer electronics, becoming a standard feature for almost every physical good sold in the EU by 2030.
How companies should prepare for the DPP
With the DPP framework now in its active implementation phase, 2026 is the most critical window for ensuring your operations are ready. Compliance is a matter of when, not if. A successful rollout requires a cross-functional effort between your IT, sustainability, and supply chain teams
The following step-by-step guide outlines the specific data requirements, critical deadlines, and practical actions your company needs to take today:
1
Step 1: Conduct a data gap assessment
+
Identify what data you already have and what is missing. Much of the foundation for a DPP already exists in current regulatory requirements:
What you likely have: Material percentages (Textile Labelling Regulation), hazardous substance declarations (REACH), and basic conformity documentation (CE marking).
What you likely lack: Digital, machine-readable material breakdowns, verified carbon footprint calculations per unit, and detailed disassembly/recycling guidance.
2
Step 2: Clean and standardise product data
+
Move away from fragmented spreadsheets toward a centralised digital source of truth.
The data you need now: Manufacturer details, product name/model, unique GTIN or SKU identifiers, country of origin, and high-level material composition.
The data to prepare for 2027: Granular fibre-level breakdowns for textiles, repairability scores for electronics, and specific carbon footprint data (kg CO2e).
3
Step 3: Secure your supply chain
+
The DPP requires transparency across multiple tiers of your supply chain, not just your direct suppliers.
Update contracts: Integrate structured sustainability data requirements into your supplier onboarding and annual contracts.
Digitise intake: Shift from receiving PDFs to requiring data in machine-readable formats that can be easily uploaded to your DPP platform.
4
Step 4: Choose and test your technology
+
The EU remains technology-neutral, meaning you can choose the carrier that best fits your product type.
Select a carrier: Common options include QR codes (most cost-effective for consumers), NFC chips (ideal for high-end goods), or RFID (best for warehouse logistics).
Run a live pilot: Pick a high-volume product line and run a test from production to point-of-sale to identify breaks in the data chain before mandatory deadlines.
5
5. Establish data governance and tiered access
+
The DPP is not a free-for-all; you must manage who sees what.
Set up access levels: Configure your system so consumers see repair guides and sustainability scores, while recyclers see chemical breakdowns and regulators see full compliance certificates.
Protect trade secrets: Ensure your system can share required sustainability data without exposing sensitive commercial secrets, like proprietary pricing or specific supplier names.
6
6. Integrate with the EU Central Registry
+
By July 2026, the EU’s master index for all passports goes live.
The connection: Your internal IT systems must be configured to talk to the Central Registry.
The function: While the registry doesn't store all your data, it must be able to point regulators and customs officials to your secure cloud record.
7
7. Lifecycle data maintenance
+
A DPP is a dynamic, living document, not a static file.
Update the record: If a product is repaired, refurbished, or resold, the digital record should reflect these changes to support circular business models.
End-of-life handover: Ensure that when the product reaches a recycler, the data carrier is still readable so they can access the disassembly and waste-handling instructions.
8
8. Continuous monitoring of delegated acts
+
Because the EU rolls out rules industry-by-industry, your compliance work is never quite finished.
Watch for new rules: Technical specifications (delegated acts) for specific industries are dropping throughout 2026.
Pivot as needed: You must be ready to update your data collection processes as the European Commission finalises the fine print for your specific product category.
9
9. Product end-of-life and material recovery
+
When a product can no longer be repaired or reused, the DPP facilitates its final chapter.
Recycler access: Recyclers scan the data carrier to access disassembly instructions and material lists.
Recovery guidance: The passport identifies high-value materials or substances of concern, ensuring they are handled safely and efficiently.
Closing the loop: The data collected during recycling (eg. how much of the material was actually recovered) provides the manufacturer with Eco-Cred data for the next generation of products.
The complete business checklist
Preparation
1. Data mapping Identify what data you have and where the gaps are.
2. Supplier audit Ensure your partners can provide digital, verifiable data.
Technical setup
3. Carrier selection Choose your QR, NFC, or RFID link based on product life.
4. Pilot testing Run a live test to find "breaks" in the data flow.
Integration
5. Governance Set up tiered access to protect trade secrets.
6. Registry link Connect your IT systems to the EU Central Registry.
Live operations
7. Maintenance Update records when repairs or refurbishments occur.
8. Monitoring Adapt as the EU drops new rules for your specific sector.
Circular loop
9. Recovery Hand over data to recyclers to reclaim materials.
In this new landscape, the early adopter advantage is significant. Companies that view the DPP as a loop - rather than a one-time compliance hurdle - are finding it easier to secure financing and build deeper trust with customers who want to see the proof for sustainability.
Common blocks and solutions that companies should be aware of
Implementing a digital product passport is a significant undertaking, and it is natural for businesses to encounter a few hurdles as they transition to this new digital standard. To help you stay on track, we have identified the most common challenges companies are facing in 2026 and, more importantly, how you can overcome them.
1. The data quality and collection gap
The Block
Most companies lack a centralised "source of truth" for their products. Gathering granular data—such as verified carbon footprints or chemical breakdowns from Tier 3 suppliers—is a massive undertaking that often reveals incomplete or unreliable records.
The Solution
* Conduct a data audit: Start by identifying what you already have in your ERP or PLM systems and where the black holes are.
Standardise intake: Move away from scattered spreadsheets and PDFs. Implement a digital-first approach where data is collected in machine-readable formats from the start.
2. Supply chain blind spots
The Block
End-to-end traceability requires every partner in the chain to speak the same digital language. However, digital maturity varies wildly across global markets, making it difficult to maintain a seamless digital thread.
The Solution
* Update supplier contracts: Integrate structured sustainability data requirements into your legal agreements.
Establish accountability: Make it clear to partners that the ability to provide verifiable data is now a condition of doing business in the EU.
3. Systems interoperability
The Block
For a DPP to be useful, a scanner at a recycling plant must be able to read data generated by your factory. Ensuring that different IT platforms can "talk" to each other without losing data is a top technical priority.
The Solution
* Prioritise interoperability: When scouting for technology partners, choose platforms designed to interact with the EU Central Registry and other third-party software.
Adopt open standards: Use globally recognised data formats to ensure your passports remain accessible across the entire value chain.
4. Protecting trade secrets
The Block
Transparency is the goal, but companies must protect their proprietary products. Finding a balance between satisfying regulators and protecting sensitive commercial info (like exact pricing) is a delicate dance.
The Solution
* Implement tiered access: Design your system so different users see different data.
Controlled sharing: Configure the DPP so consumers see green scores, while highly sensitive material or financial data is visible only to authorised regulators.
5. Managing the moving target
The Block
While the broad framework is set, the specific fine print (delegated acts) for many industries is still being finalised throughout 2026. This can lead to a "hurry up and wait" atmosphere where businesses are unsure of the final specs.
The Solution
* Focus on data hygiene: Do not wait for the perfect final regulation. Start cleaning up your internal records and strengthening supplier relationships today.
Run live pilots: Pick one product line and test the data flow from production to end-of-life. This allows you to identify and fix bugs before the mandatory requirements hit.
DPP FAQs:
Will the DPP replace the CE marking?
No, the DPP does not replace the CE marking; instead, it digitalises the supporting evidence. While the CE mark remains the physical indicator of safety and health compliance, the DPP provides the digital link to the full technical documentation, certificates, and material declarations required for that mark.
How long must DPP data remain accessible?
Under the ESPR framework, product data must typically remain available for several years after the product has been placed on the market. While specific timeframes are being set in sector-specific rules, the general expectation is that data must persist for the estimated lifetime of the product - and often up to 10 years after production ends - to support second-hand markets and final recycling.
Is the DPP mandatory for small businesses (SMEs)?
The requirement to have a DPP applies to the product, not the size of the company. This means if an SME manufactures or imports a regulated product, such as textiles or electronics, they must comply. However, the EU has introduced certain exemptions - such as the 2026 ban on destroying unsold goods - which initially prioritises larger enterprises to give smaller firms more time to adapt.
What happens if a company fails to provide a valid DPP?
Since the DPP is a legal requirement for market access, the consequences of non-compliance are significant. As of July 2026, the Central Registry will allow customs authorities to scan and block non-compliant shipments at the border. Within the EU, market surveillance authorities can issue fines, order product recalls, or ban the product from sale entirely.
Who owns the data within a digital product passport?
The manufacturer generally remains the owner of the product data. However, they are legally required to make specific subsets of that data available to other stakeholders, such as consumers, repairers, and regulators, through the DPP system. This ensures that while you own the data, you must share it to maintain market access.
What happens if our technology provider goes out of business?
The EU is prioritising interoperability to prevent vendor lock-in. The standards currently being finalised in 2026 ensure that the data is stored in a format that can be transferred to a new platform if your current provider fails. This is why choosing a partner that follows open EU standards is a critical step in 2026.
How does the Central Registry verify product data?
The Central Registry, launching this July, acts as a digital library index. It does not store sensitive supply chain information; instead, it stores the unique product identifier and a link to your secure data record. When a customs official scans a product, the registry simply confirms that a valid passport exists and is compliant with current rules.
Is the DPP relevant to companies based in the UK or the US?
The DPP applies to any business placing products on the EU market, regardless of where the company is headquartered. If you manufacture or sell regulated goods in the EU, you must meet the same transparency standards as local European firms to ensure a level playing field and maintain market access. For UK and US exporters, this means that as of July 2026, shipments may be checked at the border via the EU Central Registry; if the digital link is missing or non-compliant, the goods could be held at the dock.
Close
How Greenly can help with ESG reporting
Streamlined ESG Data Management & Compliance
Greenly streamlines the complex process of ESG data collection, consolidation, and management all in 1 platform.
📥 Import qualitative & quantitative data — platform processes & flags errors
🤖 AI-powered data processing & auto-filling of answers
🔗 Integrated connectivity: map & connect data points across indicators, eliminate redundancy
📂 Centralised platform for all ESG data & supporting docs
⏱️ Track collaborator progress, set reminders & deadlines for compliance
🛡️ Audit-ready traceability: instantly track every change
📊 ESG dashboards to track all key KPIs
🏢 Multi-entity task management & data ingestion at all levels
🧠 AI-powered pre-filling from documentation saves weeks of manual work
🧮 Automatic calculations handle dependencies & speed up consolidation
📈 Multi-entity data collection simplified by mirroring company structure
Strategic ESG Impact & Risk Mitigation
Greenly empowers companies to move beyond reporting to develop strategy, identify risks, and unlock opportunities.
📋 Automated Double Materiality Assessment (DMA) built with CSRD experts
🤖 AI-powered climate risk forecasting integrated into DMA with site-level detail
💰 Translate climate risk into quantified financial opportunities
📍 Location-specific financial risk breakdowns with IPCC-backed data
🔎 Data gap analysis from DMA to improve future reporting
📈 Automated Climate KPI integration
📊 Advanced Materiality Module: benchmarks & specialised add-ons (e.g., CSA)
Tailored & Future-Ready Reporting
Flexible reporting with interoperability across 15+ frameworks.
📝 Custom framework creation with tailored reports
🔀 Interoperability across 10+ frameworks with harmonised database
⚡ Accelerated report creation with AI-powered generation and pre-filling
📄 Auto-generation of complete ESG reports (qualitative & quantitative data)
🛡️ Audit-ready guaranteed reports
💻 Automated ESG report gen incl. XHTML & XBRL for CSRD
📂 Centralised audit trails & attachments per indicator
🤝 Collaborative workflows managing full indicator lifecycle
Expert Guidance & Continuous Support
Comprehensive support & training to empower ESG teams and ensure successful, autonomous reporting.
🧑💼 Dedicated Project Managers & ESG Experts for each framework
📚 Extensive training & resources available on the platform
🤖 AI-powered in-app chatbot (24/7) for instant answers
Sources:Share this article
Subscribe to the CSO Connect Newsletter
We care about your data in our privacy policy.
More Articles
View all
Top 10 Carbon Management Software
1 min
Level
In this article, we’ll explore five of the leading carbon management software platforms available today. Whether you're looking to measure your carbon footprint, create actionable decarbonisation plans, or meet regulatory requirements, these tools can help you build a more sustainable future.
What is the SEC and How is it Related to the Environment?
1 min
Level
How does the SEC, otherwise known as the U.S. Securities and Exchange Commission, help the United States regulate environmental policies?
