| Scope boundary | The DPP makes required product information available to the right actors so they can understand the product, verify compliance, and support traceability along the value chain. | A digital twin helps teams understand, monitor, simulate, operate, or improve a product or asset. Its audience is often engineering, operations, service, quality, or selected partners rather than every DPP access-right group. | Do not present a digital twin as the passport. Treat it as a possible source system or enrichment layer for some DPP data, then publish only the DPP information required and permitted for the product group. |
|---|
| Covered actors | Under ESPR, products can only be placed on the market or put into service with a DPP when the applicable delegated act requires one and the passport complies with the DPP requirements. | A digital twin is not itself triggered by ESPR as a mandatory passport. Its trigger normally comes from product strategy, engineering needs, maintenance contracts, customer commitments, or another source outside this DPP rule. | Start DPP scoping with the product group and applicable delegated act. Keep digital twin requirements in a separate engineering or contract register unless a source makes them legally relevant. |
|---|
| Trigger | The DPP must be connected through a data carrier to a persistent unique product identifier. Product-specific rules decide whether the passport is at model, batch, or item level. | A digital twin may model a product model, batch, serialized item, component, configuration, operating state, or event stream. That granularity should not be copied into the DPP unless the DPP rule or data requirement supports it. | Map the twin's object IDs to DPP identifiers, but keep a crosswalk that shows whether each DPP field applies to the model, batch, or item named by the applicable rule. |
|---|
| Core obligations | The DPP requires a data carrier physically present on the product, packaging, or accompanying documentation as specified by the applicable delegated act. ESPR does not make every carrier technology mandatory for every product. | A digital twin may be reached through product lifecycle management systems, IoT platforms, service tools, APIs, QR or NFC links, or internal dashboards. Those access paths are implementation choices unless a DPP rule selects them. | Avoid saying QR, NFC, RFID, or any other carrier is required for the DPP until the product-specific rule or adopted standard says so. A twin link can coexist with a DPP carrier, but it should not expose restricted passport data by accident. |
|---|
| Evidence record | DPP data must be accurate, complete, and up to date. Environmental or circularity claims should point to the product, criterion, claimed value, source, and evidence needed to support the data disclosed. | A digital twin may generate or store useful evidence such as events, counters, metrics, repair logs, configuration changes, or sensor-derived state. Those records still need validation before they support a passport claim. | Use the twin as an evidence source only when the data lineage is clear: product identifier, measurement method, time period, owner, change control, and evidence URI or document are traceable. |
|---|
| Timing and deadlines | The DPP must define who can create, introduce, modify, or update data, and those rights are restricted according to access rights in the applicable delegated act. | A digital twin may update more frequently than the DPP, especially for operational telemetry or service events. Frequent twin updates do not mean every change should become public passport data. | Create a promotion rule: which twin changes affect DPP fields, who approves the change, which version becomes visible, and which historical records remain restricted. |
|---|
| Enforcement | DPP assurance connects to market surveillance, customs controls, conformity evidence, registry checks, and the access rights needed by authorities. Customs release and registry identifiers are not proof of full compliance. | Digital twin assurance is usually technical assurance: model quality, data integrity, cybersecurity, calibration, configuration management, operational safety, or service-level evidence. | Do not translate digital twin quality checks into DPP compliance claims. Keep DPP evidence ready for authorities and keep twin assurance evidence ready for engineering, operations, customers, or auditors. |
|---|
| Overlap and reuse | Use the DPP when the task is legal disclosure, regulated product information, access rights, registry or portal data, customs support, or market-surveillance evidence. | Use the digital twin when the task is design analysis, lifecycle monitoring, service diagnostics, operational events, simulation, or internal product-state management. | Reuse digital twin data in the DPP only after a source-linked field mapping confirms the product identifier, granularity, access level, evidence, owner, and update rule. If any of those are missing, keep the data outside the passport until resolved. |
|---|
| Practical decision rule | The DPP access model is explicit: delegated acts specify which actors can access which data, and ESPR requires easy, free access based on those access rights. | A digital twin is often access-controlled for operational, security, intellectual property, safety, or customer reasons. It can contain sensitive telemetry or engineering details that should not be published just because a DPP exists. | Classify every data element as public DPP data, restricted DPP data, internal twin data, or partner-only twin data. Do not collect personal customer data in the DPP without the explicit consent required by ESPR and GDPR logic. |
|---|