Search every question across sub-FAQs

No.

The Blue Guide treats that situation as outside placing on the market. It also distinguishes it from products bought online and shipped into the EU, which do not fall under that carve-out.

Usually no.

The Blue Guide says placing on the market does not occur where a product is manufactured for one's own use unless the legislation in question expressly treats own use as an equivalent trigger. The Commission's CRA FAQ applies that logic to the CRA and explains that products developed only for the manufacturer's own use are outside scope unless they are separately placed on the market.

The Blue Guide defines it as the first use of a product within the Union by the end user for its intended purpose.

That concept matters in some Union product laws, but the CRA's general trigger structure is built around placing on the market and making available on the market, not a separate general putting-into-service trigger.

Yes, in principle.

The Blue Guide explains that once a compliant product has been placed on the market, it may continue to be made available later in the distribution chain even if the law changes afterward or the relevant harmonised standards are revised, unless the new legislation provides otherwise. The Commission's CRA FAQ applies the same logic to the CRA transition.

Yes.

The relevant question is whether the individual product had already been placed on the market before the new rules applied. If it had, later storage and resale within the distribution chain do not create a new placing-on-the-market event.

No.

The Blue Guide says repeated renting of the same product does not create a new placing-on-the-market event. The compliance moment remains the first renting or other first supply of that individual product.

No, provided the Blue Guide and CRA conditions are met.

The Blue Guide treats products displayed or operated under controlled conditions at trade fairs, exhibitions or demonstrations as not yet placed on the market, as long as they are clearly identified as non-compliant and not yet available for placing on the market. The CRA contains the same type of carve-out for products, including prototypes, presented or used at such events.

Yes, but only under a narrow CRA exception.

Article 4(3) allows unfinished software such as alpha versions, beta versions or release candidates to be made available on the market for the limited period required for testing, provided it carries a visible sign stating that it does not comply and is not available for purposes other than testing. Recital 37 also says manufacturers should not force users to upgrade to versions released only for testing purposes.

Because the CRA uses the same NLF documentation logic.

The Blue Guide explains the role of technical documentation and the possibility of a single declaration of conformity dossier across several Union acts. The Commission's CRA FAQ relies on that same logic when explaining what technical documentation must contain and how the declaration of conformity works under the CRA.

Because the CRA uses the same product-law logic that compliance cannot be assessed only against the manufacturer's preferred use case.

The Commission's CRA FAQ relies on Blue Guide Concepts to explain that the cybersecurity risk assessment must take account of intended purpose, reasonably foreseeable use and reasonably foreseeable misuse, and that those choices also affect the user information that has to be provided.

For software, the CRA follows the same NLF concepts, but the draft Commission guidance explains how they work in a digital delivery model.

According to the draft guidance, once the software manufacturing phase is complete and a given software product is first offered for distribution or use on the Union market in the course of a commercial activity, that software product is regarded as placed on the market. Later downloads or remote access to that same unchanged software product are instances of making available rather than fresh placing-on-the-market events.

No.

The draft guidance says later iterations that do not qualify as substantial modifications do not trigger a new conformity assessment and do not change the software product's date of placement on the market. A new placing-on-the-market date arises only where the later iteration qualifies as a substantial modification.

No.

The draft guidance says the "first offering creates the placing-on-the-market date" logic applies only to standalone software supplied via digital means. If the software is supplied on a USB flash drive or other physical medium, the physical item is the product supplied for distribution. If software is necessary for hardware to perform its intended functions, the hardware and that software together form the product placed on the market.

The CE marking is the manufacturer's visible self-declaration that the product with digital elements complies with the CRA and any other applicable EU harmonisation law that also requires CE marking.

It is not a standalone approval, security certificate, or authority-issued licence. The useful launch question is whether the evidence behind the mark is complete: conformity assessment, risk assessment, technical documentation, EU declaration of conformity, user information, and any required notified-body involvement.

Only after the applicable CRA conformity assessment procedure has been completed with a positive result. The mark must be affixed before the product with digital elements is placed on the market.

For a launch review, do not treat CE marking as a packaging-only task. The manufacturer should first confirm the selected Article 32 route, the product's classification, the risk assessment, the essential-requirement coverage, the vulnerability-handling evidence, and the EU declaration of conformity.

Article 32 recognises internal control under module A, EU-type examination followed by conformity to type under modules B+C, full quality assurance under module H, and, where available and applicable, specified European cybersecurity certification schemes.

Module A is self-assessment. Modules B+C and H involve a notified body. Important or critical products may have narrower route choices, especially where harmonised standards, common specifications, or qualifying certification schemes are not applied or do not exist for the relevant requirements.

Not always. Under the CRA, the notified body's identification number follows the CE marking where the notified body is involved in conformity assessment based on full quality assurance, module H.

For module B+C, a notified body examines the design and development and issues the relevant certificate, but Article 30(4) ties the identification number after the CE mark to module H. The launch evidence should therefore record both the route used and whether a notified-body number is legally expected next to the mark.

The CRA rule is product first: the CE marking must be visible, legible, and indelible on the product with digital elements. If that is not possible or not warranted because of the product's nature, it must be put on the packaging and on the EU declaration of conformity accompanying the product.

Aesthetics alone are not a sound reason to move the mark away from the product. For physical products, a website-only CE marking is not the CRA fallback; the website option is specific to software products.

For a product with digital elements in the form of software, the CRA allows the CE marking either on the EU declaration of conformity or on the website accompanying the software product.

If the website route is used, the relevant website section must be easily and directly accessible to consumers. Practical evidence should include the URL, the page content, the release or product version covered, and a way to prove that the page was live and accessible when the software was placed on the market.

The CE marking must follow the general CE-marking principles in Regulation (EC) No 765/2008 and the CRA's visible, legible, and indelible placement rule. The Commission FAQ states the general rule that the mark has to be larger than 5 mm, with exceptions only where the product's size does not allow it and visibility remains preserved.

A useful launch check is to review the final product, packaging, declaration, software website page, screenshots, labels, and manuals together. The mark should not be hidden in a location that is not easily visible in the product's intended use.