--- title: "EU Digital Product Passport FAQ" canonical_url: "https://www.sorena.io/artifacts/eu/digital-product-passport/faq" source_url: "https://www.sorena.io/artifacts/eu/digital-product-passport/faq/items" author: "Sorena AI" description: "Direct answers on EU Digital Product Passport scope, creators, product groups, registry, customs checks, access rights, identifiers, data carriers, and governance." published_at: "2026-05-09" updated_at: "2026-05-09" keywords: - "EU Digital Product Passport" - "ESPR" - "DPP registry" - "customs access" - "product passport data carrier" - "unique product identifier" - "Digital Product Passport" - "data carrier" --- **[SORENA](https://www.sorena.io/)** - AI-Powered GRC Platform [Home](https://www.sorena.io/) | [Solutions](https://www.sorena.io/solutions) | [Artifacts](https://www.sorena.io/artifacts) | [About Us](https://www.sorena.io/about-us) | [Contact](https://www.sorena.io/contact) | [Portal](https://app.sorena.io) --- # EU Digital Product Passport FAQ Direct answers on EU Digital Product Passport scope, creators, product groups, registry, customs checks, access rights, identifiers, data carriers, and governance. *FAQ* *DPP* *EU ESPR* ## EU Digital Product Passport questions answered Concise answers on how the EU Digital Product Passport works under the Ecodesign for Sustainable Products Regulation. Covers who creates and updates passports, which product groups are first in scope, what goes into the registry, how customs access works, and how public and restricted data should be separated. The EU Digital Product Passport is the ESPR mechanism for making product sustainability, circularity, traceability, and compliance information available electronically. The exact passport content, access rights, data carrier, and product level are set in product-specific delegated acts, so implementation starts with the applicable product group rule rather than a one-size-fits-all passport template. ## Browse sub-FAQ modules ### [DPP QR code vs NFC data carrier choices under EU ESPR](/artifacts/eu/digital-product-passport/faq/qr-code-vs-nfc-carrier-choices.md) How to choose QR code, NFC, or another data carrier for an EU Digital Product Passport without assuming ESPR mandates one universal carrier. - 4 items ### [EU DPP customs access: registry, portal, and restricted data](/artifacts/eu/digital-product-passport/faq/customs-access.md) FAQ on customs access under the EU Digital Product Passport: what customs can verify, how the registry and public portal differ, and how access rights limit DPP data. - 4 items ### [EU DPP unique identifier requirements: product, operator and facility IDs](/artifacts/eu/digital-product-passport/faq/unique-identifier-requirements.md) FAQ on how ESPR Digital Product Passport identifiers connect products, economic operators, facilities, data carriers, resolvers and registry evidence. - 4 items ### [Public vs restricted EU Digital Product Passport data](/artifacts/eu/digital-product-passport/faq/public-vs-restricted-passport-data.md) How to separate public, restricted, authority, and customs access in EU Digital Product Passport designs under ESPR and battery passport rules. - 5 items ### [What is the EU Digital Product Passport registry?](/artifacts/eu/digital-product-passport/faq/dpp-registry.md) FAQ on the ESPR Digital Product Passport registry: what it stores, who uploads data, how identifiers work, and what teams should avoid assuming. - 4 items ### [Which products come first for the EU Digital Product Passport?](/artifacts/eu/digital-product-passport/faq/which-products-come-first.md) FAQ on EU Digital Product Passport product priority: batteries have a separate passport rule, while ESPR product groups depend on the working plan and delegated acts. - 4 items ### [Who must create an EU Digital Product Passport?](/artifacts/eu/digital-product-passport/faq/who-must-create-a-digital-product-passport.md) DPP responsibility under the EU ESPR: how manufacturers, importers, distributors, suppliers, service providers, and delegated acts fit together. - 4 items Browse all indexed questions: [/artifacts/eu/digital-product-passport/faq/items](/artifacts/eu/digital-product-passport/faq/items.md) ## All FAQ items *Page 1 of 2. Showing 20 of 29 items.* ### [Does ESPR require QR code or NFC for every Digital Product Passport?](/artifacts/eu/digital-product-passport/faq/qr-code-vs-nfc-carrier-choices.md#does-espr-require-qr-code-or-nfc-for-every-digital-product-passport) *Module: [DPP QR code vs NFC data carrier choices under EU ESPR](/artifacts/eu/digital-product-passport/faq/qr-code-vs-nfc-carrier-choices.md)* No universal QR-code or NFC mandate is supported by the grounding sources. ESPR says the data carrier must be physically present on the product, packaging, or accompanying documentation as specified in the applicable delegated act. It also requires the data carrier and unique product identifier to comply with the standards referenced in Annex III, or equivalent European or international standards until harmonised standards are published. - Check the delegated act for the product group before selecting the carrier or placement. - Confirm whether the passport data refers to a model, batch, or item. - Keep the carrier and the unique product identifier aligned with ISO/IEC 15459 or equivalent standards where relevant. - Avoid saying that ESPR itself requires QR code, NFC, or any single carrier for every product. Sources for this answer: - [Regulation (EU) 2024/1781 (ESPR)](https://eur-lex.europa.eu/eli/reg/2024/1781/oj?ref=sorena.io) - Supports the legal baseline: DPP access through a data carrier, delegated-act control over placement, unique product identifier requirements, and Annex III identifier standards. ### [When is a QR code the stronger DPP carrier choice?](/artifacts/eu/digital-product-passport/faq/qr-code-vs-nfc-carrier-choices.md#when-is-a-qr-code-the-stronger-dpp-carrier-choice) *Module: [DPP QR code vs NFC data carrier choices under EU ESPR](/artifacts/eu/digital-product-passport/faq/qr-code-vs-nfc-carrier-choices.md)* A QR code is usually strongest when the user needs a visible, low-cost, phone-camera route to a web-resolvable DPP page and one-by-one manual scanning is acceptable. The CEN-CENELEC DPP design guidance treats QR codes as one of the main carrier options and notes that smartphone camera applications can read a QR code URI and hand it to the browser in a default consumer flow. - Use QR where visual scanning, printed labels, and broad consumer access matter. - Test label size, contrast, quiet zone, print method, substrate, abrasion, weather exposure, and cleaning exposure. - Place plain-language text near the code so users know it opens the DPP information portal. - Prefer a stable resolver or URL pattern over dense payloads that make the code harder to scan. Sources for this answer: - [CEN-CENELEC CWA 18186:2025 Digital Product Passport design guidance](https://www.cencenelec.eu/media/CEN-CENELEC/CWAs/RI/2025/cwa18186_2025.pdf?ref=sorena.io) - Supports QR-code selection criteria: phone-camera access, line-of-sight reading, label placement, quiet-zone concerns, payload-size effects, and durability considerations. ### [When is NFC the stronger DPP carrier choice?](/artifacts/eu/digital-product-passport/faq/qr-code-vs-nfc-carrier-choices.md#when-is-nfc-the-stronger-dpp-carrier-choice) *Module: [DPP QR code vs NFC data carrier choices under EU ESPR](/artifacts/eu/digital-product-passport/faq/qr-code-vs-nfc-carrier-choices.md)* NFC is stronger where close-range tap access is acceptable, the product surface makes printed codes unreliable, or the product needs a more durable embedded carrier. The CEN-CENELEC guidance lists passive RFID tags such as NFC among the main carrier options and distinguishes NFC's close-proximity alignment from QR-code line-of-sight scanning. - Use NFC where an embedded or protected tag is more realistic than a scannable printed symbol. - Validate tap location, alignment, metal interference, casing material, and expected service environment. - Provide a visible fallback or instruction because NFC is not self-explanatory to every user. - Assess cost and environmental impact before deploying NFC at high product volumes. Sources for this answer: - [CEN-CENELEC CWA 18186:2025 Digital Product Passport design guidance](https://www.cencenelec.eu/media/CEN-CENELEC/CWAs/RI/2025/cwa18186_2025.pdf?ref=sorena.io) - Supports NFC selection criteria: passive RFID as a carrier option, close-proximity alignment, durability considerations, and cost/environment tradeoffs. ### [What should teams test before freezing the carrier design?](/artifacts/eu/digital-product-passport/faq/qr-code-vs-nfc-carrier-choices.md#what-should-teams-test-before-freezing-the-carrier-design) *Module: [DPP QR code vs NFC data carrier choices under EU ESPR](/artifacts/eu/digital-product-passport/faq/qr-code-vs-nfc-carrier-choices.md)* Freeze the data carrier only after testing the real product, not just the artwork. ESPR requires easy, free-of-charge access to DPP data according to access rights, while the design guidance highlights reading context, reading distance, lifespan, data capacity, speed, alignment, placement, and accessibility. - Identifier: model, batch, or item level; unique product identifier; operator and facility identifiers where required. - Resolution: what the scanner reads, where it resolves, what happens if the first repository is unavailable, and how backup access is handled. - Physical durability: print or tag method, substrate, abrasion, moisture, UV, chemicals, cleaning, temperature, and expected product life. - Scanner UX: camera or tap workflow, distance, angle, lighting, error messages, no-app access where feasible, and online marketplace access where customers cannot touch the product. - Accessibility: text cues, placement reachable by users, compatibility with assistive use patterns, and alternatives where a scan-only path would exclude users. - Standards record: applied data-carrier, identifier, resolver, labelling, and accessibility standards, including any product-group delegated-act rule. Sources for this answer: - [Regulation (EU) 2024/1781 (ESPR)](https://eur-lex.europa.eu/eli/reg/2024/1781/oj?ref=sorena.io) - Supports DPP requirements for easy access, access rights, machine-readable interoperable data, standards alignment, and identifier lifecycle rules. - [CEN-CENELEC CWA 18186:2025 Digital Product Passport design guidance](https://www.cencenelec.eu/media/CEN-CENELEC/CWAs/RI/2025/cwa18186_2025.pdf?ref=sorena.io) - Supports practical test criteria for reading mode, distance, lifespan, payload, placement, online access, and vulnerable-consumer accessibility. ### [What should teams do about EU DPP customs access?](/artifacts/eu/digital-product-passport/faq/customs-access.md#what-should-teams-do-about-eu-dpp-customs-access) *Module: [EU DPP customs access: registry, portal, and restricted data](/artifacts/eu/digital-product-passport/faq/customs-access.md)* Treat customs access as a handoff between the product passport, the Commission registry, and customs systems. For a covered product intended to be released for free circulation, the person placing it under that customs procedure must provide or make available the unique registration identifier linked to the DPP registry entry. - Before import: confirm whether a product-specific ESPR delegated act requires a DPP for the product group. - For registry upload: maintain the unique identifiers required by Article 13 and, for products intended for release for free circulation, the commodity code. - For border handoff: provide or make available the unique registration identifier from the registry. - For compliance records: keep customs verification separate from evidence that the DPP content and ecodesign requirements are correct. Sources for this answer: - [Regulation (EU) 2024/1781 (ESPR)](https://eur-lex.europa.eu/eli/reg/2024/1781/oj/eng?ref=sorena.io) - Article 15 supports the customs handoff: customs verifies the unique registration identifier and commodity code against registry data for release-for-free-circulation checks. ### [Can customs see public and restricted DPP data?](/artifacts/eu/digital-product-passport/faq/customs-access.md#can-customs-see-public-and-restricted-dpp-data) *Module: [EU DPP customs access: registry, portal, and restricted data](/artifacts/eu/digital-product-passport/faq/customs-access.md)* ESPR distinguishes general access to the DPP from rights to specific data. Customers, economic operators, repairers, recyclers, market surveillance authorities, customs authorities, civil society organisations, trade unions, and other relevant actors must have free and easy access to the DPP based on the access rights in the applicable product-specific delegated act. - Public view: data exposed through the DPP and public portal according to the delegated act's access rights. - Customs view: registry access plus DPP and registry data that customs may retrieve and use for risk management, customs controls, and release for free circulation. - Restricted view: non-public or sensitive DPP data should be protected by role-based credentials or equivalent access controls. - Update rights: do not let logistics, broker, or portal users edit DPP data unless their role has the relevant access right. Sources for this answer: - [Regulation (EU) 2024/1781 (ESPR)](https://eur-lex.europa.eu/eli/reg/2024/1781/oj/eng?ref=sorena.io) - Articles 10 and 11 support role-based access to DPP data and restricted rights to introduce, modify, or update passport data. - [CIRPASS DPP System Architecture](https://cirpassproject.eu/wp-content/uploads/2024/06/D3.2v1.9.pdf?ref=sorena.io) - CIRPASS provides implementation architecture support for public versus privileged DPP data access, including credentials for non-public data. ### [How do the registry, public portal, and customs systems differ?](/artifacts/eu/digital-product-passport/faq/customs-access.md#how-do-the-registry-public-portal-and-customs-systems-differ) *Module: [EU DPP customs access: registry, portal, and restricted data](/artifacts/eu/digital-product-passport/faq/customs-access.md)* The registry is not just the public DPP page. ESPR requires the Commission to set up a secure registry that stores at least unique identifiers and, for products intended for release for free circulation, the commodity code. Economic operators upload the required registry data and receive a unique registration identifier. - Registry: stores the DPP identifiers needed for enforcement and customs checks. - Public portal: supports search and comparison of DPP data, limited by each stakeholder's access rights. - EU CSW-CERTEX interconnection: enables automated customs-system checks against registry data. - Decentralised DPP repositories: remain the source for many passport data elements; the registry entry is not a full substitute for maintaining the DPP. Sources for this answer: - [Regulation (EU) 2024/1781 (ESPR)](https://eur-lex.europa.eu/eli/reg/2024/1781/oj/eng?ref=sorena.io) - Articles 13, 14, and 15 define the registry, public web portal, and EU CSW-CERTEX customs interconnection. - [CIRPASS DPP System Architecture](https://cirpassproject.eu/wp-content/uploads/2024/06/D3.2v1.9.pdf?ref=sorena.io) - CIRPASS explains the DPP architecture pattern in which the portal and registry help discover decentralised passport data rather than replacing the operator's DPP repository. ### [Which customs fields should teams avoid inventing in the DPP?](/artifacts/eu/digital-product-passport/faq/customs-access.md#which-customs-fields-should-teams-avoid-inventing-in-the-dpp) *Module: [EU DPP customs access: registry, portal, and restricted data](/artifacts/eu/digital-product-passport/faq/customs-access.md)* Do not pre-fill a DPP customs template with additional customs clearance fields unless a product-specific delegated act or another sourced legal requirement actually calls for those records. - Supported now: unique identifiers, commodity code for release-for-free-circulation cases, and the registry-issued unique registration identifier. - Supported as conditional: additional registry data only when specified in delegated or implementing acts. - Not supported by this grounding: fixed customs penalties, mandatory broker fields, universal import-document fields, or a customs clearance guarantee created by the DPP. - Operational control: maintain a product-group mapping that separates ESPR DPP registry data from ordinary customs, tariff, and logistics documentation. Sources for this answer: - [Regulation (EU) 2024/1781 (ESPR)](https://eur-lex.europa.eu/eli/reg/2024/1781/oj/eng?ref=sorena.io) - Article 13 identifies the registry data expressly named for customs cases and limits additional registry data to what delegated acts specify under stated criteria. ### [What unique identifiers does the ESPR Digital Product Passport require?](/artifacts/eu/digital-product-passport/faq/unique-identifier-requirements.md#what-unique-identifiers-does-the-espr-digital-product-passport-require) *Module: [EU DPP unique identifier requirements: product, operator and facility IDs](/artifacts/eu/digital-product-passport/faq/unique-identifier-requirements.md)* At minimum, a required DPP must be connected through a data carrier to a persistent unique product identifier. ESPR defines that identifier as a unique string that identifies the product and enables a web link to the product passport. - Product identifier: the persistent identifier that connects the physical product, packaging or accompanying documentation to the passport. - Operator identifier: a unique string identifying an actor in the product value chain when Annex III and the delegated act require it. - Facility identifier: a unique identifier for the relevant location or building when facility traceability is required. - Registration identifier: the Commission registry stores at least unique identifiers for enforcement and customs checks; teams should not treat this as a public marketing ID. Sources for this answer: - [Regulation (EU) 2024/1781 (ESPR)](https://eur-lex.europa.eu/eli/reg/2024/1781/oj/eng?ref=sorena.io) - Defines the DPP, data carrier, unique product identifier and the Article 9 product-group decisions on model, batch or item level. - [Regulation (EU) 2024/1781 Annex III](https://eur-lex.europa.eu/eli/reg/2024/1781/oj/eng?ref=sorena.io) - Lists the passport data elements that can include product, manufacturer, other operator, facility, importer and responsible economic-operator identifiers. ### [How should teams connect the identifier to the data carrier and resolver?](/artifacts/eu/digital-product-passport/faq/unique-identifier-requirements.md#how-should-teams-connect-the-identifier-to-the-data-carrier-and-resolver) *Module: [EU DPP unique identifier requirements: product, operator and facility IDs](/artifacts/eu/digital-product-passport/faq/unique-identifier-requirements.md)* Start with the required access path: scanning the carrier must lead to the right passport for the relevant product level. ESPR allows a linear barcode, two-dimensional symbol or other automatic identification data capture medium, but the delegated act can specify which carriers, layout and positioning apply to the product group. - Document the exact carrier payload: identifier only, resolvable URL, GS1 Digital Link URI or another standards-based pattern. - Record the resolver behavior for public users, market surveillance, customs, repairers, recyclers and restricted-access actors. - Verify that the same identifier value is used consistently across the carrier, passport data model, backup copy, registry submission and ecommerce copy shown before purchase. - Keep carrier-quality evidence, because an identifier that cannot be scanned or resolved will not provide practical access to the passport. Sources for this answer: - [Regulation (EU) 2024/1781 Article 10](https://eur-lex.europa.eu/eli/reg/2024/1781/oj/eng?ref=sorena.io) - Requires the DPP to be connected through a data carrier to a persistent unique product identifier and requires open, interoperable, machine-readable data where appropriate. - [CIRPASS DPP System Architecture](https://cirpassproject.eu/project-results/?ref=sorena.io) - Explains why the product identifier is the root of discovery and why identifier choice affects the protocols and systems used to reach DPP information. - [GS1 General Specifications](https://ref.gs1.org?ref=sorena.io) - Defines GS1 Digital Link URI as a web URI syntax for expressing GS1 identifier keys and attributes, useful when a DPP design relies on GS1 identifiers. ### [When are operator and facility identifiers needed?](/artifacts/eu/digital-product-passport/faq/unique-identifier-requirements.md#when-are-operator-and-facility-identifiers-needed) *Module: [EU DPP unique identifier requirements: product, operator and facility IDs](/artifacts/eu/digital-product-passport/faq/unique-identifier-requirements.md)* Operator and facility identifiers are not generic company labels. They are passport data elements used when the product-group delegated act requires traceability of value-chain actors or manufacturing locations. - For the manufacturer, map the manufacturer record to its unique operator identifier and required contact information. - For other value-chain actors, identify which actors the delegated act requires and avoid creating duplicate IDs without confirming whether one already exists. - For facilities, bind the facility identifier to the responsible location or building, not just to a supplier name or purchase-order record. - For standards alignment, check ISO/IEC 15459 or equivalent European or international standards where relevant to the products concerned. Sources for this answer: - [Regulation (EU) 2024/1781 Article 12](https://eur-lex.europa.eu/eli/reg/2024/1781/oj/eng?ref=sorena.io) - Sets the process for missing unique operator and facility identifiers and points to the standards framework for those identifiers. - [Regulation (EU) 2024/1781 Annex III](https://eur-lex.europa.eu/eli/reg/2024/1781/oj/eng?ref=sorena.io) - States that data carriers, product identifiers, operator identifiers and facility identifiers must comply with listed ISO/IEC 15459 standards where relevant. - [GS1 General Specifications](https://ref.gs1.org?ref=sorena.io) - Provides examples of globally used GS1 identification keys, including GTIN for trade items and GLN for locations or parties. ### [What evidence should teams keep for DPP identifier readiness?](/artifacts/eu/digital-product-passport/faq/unique-identifier-requirements.md#what-evidence-should-teams-keep-for-dpp-identifier-readiness) *Module: [EU DPP unique identifier requirements: product, operator and facility IDs](/artifacts/eu/digital-product-passport/faq/unique-identifier-requirements.md)* Keep evidence that proves the identifier can be traced from the product to the correct passport and that each required actor or facility ID is controlled, unique and maintainable. The evidence should be understandable to product, packaging, ecommerce, customs, market-surveillance and supplier teams. - Identifier register with product model, batch or item level, identifier value, issuing system, owner, status and retirement rule. - Carrier specification showing payload syntax, carrier type, placement, sample artwork, scan test results and resolver target. - Operator and facility ID file showing existing-ID checks, requests made on behalf of actors, issued IDs and the actor/location each ID identifies. - Data-model mapping from identifier fields to passport records, backup service provider records, registry data and ecommerce access copies. - Resolver and access-rights test evidence for public users and restricted actors named in the delegated act. - Change log for product redesign, remanufacturing, supplier changes, facility moves, carrier artwork changes and resolver migrations. Sources for this answer: - [Regulation (EU) 2024/1781 Articles 10 and 11](https://eur-lex.europa.eu/eli/reg/2024/1781/oj/eng?ref=sorena.io) - Supports evidence for access, backup copies, interoperability, security, availability and controlled rights to update passport data. - [CEN-CENELEC CWA 18186:2025](https://www.cencenelec.eu/media/CEN-CENELEC/CWAs/RI/2025/cwa18186_2025.pdf?ref=sorena.io) - Provides practical DPP design guidance on identifiers, carrier selection, carrier placement, scanability and registry/web-portal considerations. - [GS1 DPP standards overview](https://www.gs1.org/standards/standards-emerging-regulations/DPP?ref=sorena.io) - Describes GS1's DPP work around identification and data carriers for access to DPP data. ### [What is the rule for public versus restricted DPP data?](/artifacts/eu/digital-product-passport/faq/public-vs-restricted-passport-data.md#what-is-the-rule-for-public-versus-restricted-dpp-data) *Module: [Public vs restricted EU Digital Product Passport data](/artifacts/eu/digital-product-passport/faq/public-vs-restricted-passport-data.md)* Under ESPR, a digital product passport must contain the data specified in the applicable product-group delegated act. That delegated act must state which actors have access to which data, who can create or update passport data, and how long the passport remains available. - Public data should support customer access, comparison, circularity decisions, and other public uses named in the product rule. - Restricted data should be limited to the actors that need it for repair, reuse, recycling, conformity, market surveillance, customs, or another specified role. - Update rights are separate from read rights: ESPR requires rights to introduce, modify, or update passport data to be restricted according to access rights. - Do not publish confidential business information simply because it sits in the passport data model; ESPR expressly requires differentiated access and protection of confidential business information. Sources for this answer: - [Regulation (EU) 2024/1781 (ESPR)](https://eur-lex.europa.eu/eli/reg/2024/1781/oj/eng?ref=sorena.io) - Recital 33 explains why DPPs need differentiated access by data type and stakeholder typology. ### [Which access categories should a DPP team design for?](/artifacts/eu/digital-product-passport/faq/public-vs-restricted-passport-data.md#which-access-categories-should-a-dpp-team-design-for) *Module: [Public vs restricted EU Digital Product Passport data](/artifacts/eu/digital-product-passport/faq/public-vs-restricted-passport-data.md)* A useful DPP access design separates the public portal experience from the restricted operational layer. Public data should be reachable without unnecessary login friction. Restricted data should require authentication or equivalent controls tied to the actor's role. - Public model data: consumer-facing and comparison data, such as the categories made public for battery models. - Restricted legitimate-interest data: operational detail such as dismantling, spare parts, safety measures, or individual item status where the sector rule grants access. - Authority and notified-body data: conformity evidence such as test report results when the rule reserves it for notified bodies, market surveillance authorities, and the Commission. - Customs data: identifiers and commodity codes used to verify imported products against the DPP registry, not a general public disclosure channel. Sources for this answer: - [Regulation (EU) 2023/1542 (Batteries Regulation)](https://eur-lex.europa.eu/eli/reg/2023/1542/oj/eng?ref=sorena.io) - Annex XIII gives a concrete battery passport example with public, legitimate-interest, authority-only, and individual-battery access tiers. - [CWA 18186:2025 DPP guidelines](https://www.cencenelec.eu/get-involved/research-and-innovation/horizon-europe-projects/cwa-download-area/?ref=sorena.io) - The CEN-CENELEC guidance describes public access without logins and restricted access through software roles or authentication. ### [How do the registry, web portal, and customs checks differ?](/artifacts/eu/digital-product-passport/faq/public-vs-restricted-passport-data.md#how-do-the-registry-web-portal-and-customs-checks-differ) *Module: [Public vs restricted EU Digital Product Passport data](/artifacts/eu/digital-product-passport/faq/public-vs-restricted-passport-data.md)* The ESPR registry is not the same thing as the public DPP web portal. The registry is a Commission-managed system that securely stores at least unique identifiers, and for products released for free circulation it also stores the commodity code. Economic operators upload the required registry data, and the registry returns a unique registration identifier. - Registry: at least unique identifiers, plus commodity code for products intended for release for free circulation. - Web portal: public search and comparison, limited by each stakeholder's access rights. - Customs: verification that the unique registration identifier and commodity code correspond to registry data before release for free circulation once the relevant systems are operational. - Evidence implication: keep registry upload records, the returned unique registration identifier, commodity-code mapping, and the access-rights matrix together. Sources for this answer: - [Regulation (EU) 2024/1781 (ESPR)](https://eur-lex.europa.eu/eli/reg/2024/1781/oj/eng?ref=sorena.io) - Articles 13 to 15 establish the registry, public web portal, and customs-control linkage for DPP identifiers and commodity codes. - [CWA 18186:2025 DPP guidelines](https://www.cencenelec.eu/get-involved/research-and-innovation/horizon-europe-projects/cwa-download-area/?ref=sorena.io) - The guidance describes the central registry as a lookup database for identifiers and commodity codes and distinguishes it from the DPP web portal. ### [What evidence should teams keep?](/artifacts/eu/digital-product-passport/faq/public-vs-restricted-passport-data.md#what-evidence-should-teams-keep) *Module: [Public vs restricted EU Digital Product Passport data](/artifacts/eu/digital-product-passport/faq/public-vs-restricted-passport-data.md)* Keep evidence that proves the access decision for each data field. A visitor, auditor, authority, supplier, repairer, or customs broker should be able to see why a field was public, restricted, authority-only, customs-relevant, or excluded from publication. - A DPP data inventory mapped to the applicable delegated act or sector rule. - An access-rights matrix by field, actor, purpose, read permission, update permission, and authentication method. - A confidential-business-information review for data proposed for public display. - Registry evidence: uploaded identifiers, commodity code where relevant, and the returned unique registration identifier. - Customs evidence: process controls for making the unique registration identifier available when a covered product is released for free circulation. - Change-control evidence showing who created, modified, or updated each restricted passport field. Sources for this answer: - [Regulation (EU) 2024/1781 (ESPR)](https://eur-lex.europa.eu/eli/reg/2024/1781/oj/eng?ref=sorena.io) - Articles 10 and 11 require open, interoperable data, protection of personal data, restricted update rights, data integrity, security, and privacy. - [CWA 18186:2025 DPP guidelines](https://www.cencenelec.eu/get-involved/research-and-innovation/horizon-europe-projects/cwa-download-area/?ref=sorena.io) - The guidance links restricted DPP data to logins or authentication and says public data should be available without personal data collection. ### [How should teams decide what is public or restricted?](/artifacts/eu/digital-product-passport/faq/public-vs-restricted-passport-data.md#how-should-teams-decide-what-is-public-or-restricted) *Module: [Public vs restricted EU Digital Product Passport data](/artifacts/eu/digital-product-passport/faq/public-vs-restricted-passport-data.md)* - Start with the applicable delegated act or sector rule and list each mandatory passport field. - Classify every field by read audience, update audience, purpose, authentication method, and evidence owner. - Keep registry and customs data controls separate from the public web portal view. - Escalate fields that expose confidential business information, personal data, safety-sensitive detail, or conformity evidence before publication. Sources for this answer: - [Regulation (EU) 2024/1781 (ESPR)](https://eur-lex.europa.eu/eli/reg/2024/1781/oj/eng?ref=sorena.io) - ESPR is the primary source for DPP data access, update rights, registry handling, and customs controls. - [Regulation (EU) 2023/1542 (Batteries Regulation)](https://eur-lex.europa.eu/eli/reg/2023/1542/oj/eng?ref=sorena.io) - Battery passport Annex XIII provides a concrete example of field-level access tiering. ### [What does the EU Digital Product Passport registry do?](/artifacts/eu/digital-product-passport/faq/dpp-registry.md#what-does-the-eu-digital-product-passport-registry-do) *Module: [What is the EU Digital Product Passport registry?](/artifacts/eu/digital-product-passport/faq/dpp-registry.md)* The registry is the official ESPR register for DPP identifier data. Article 13 requires the Commission to set up a secure digital registry that stores at least unique identifiers; for products intended for release for free circulation, it also stores the commodity code. - Store at least the unique identifiers required for the DPP system. - Store commodity codes for products intended for customs release for free circulation. - Return a unique registration identifier after the economic operator uploads the required registry data. - Give the Commission, competent national authorities, and customs authorities access for their legal duties. - Avoid presenting registry acknowledgement as proof that the product complies with ESPR or other EU law. Sources for this answer: - [Regulation (EU) 2024/1781 (ESPR)](https://eur-lex.europa.eu/eli/reg/2024/1781/oj/eng?ref=sorena.io) - ESPR Articles 13 and 15 define the DPP registry, required stored data, registration identifier, authority access, and customs checks. - [CEN-CENELEC DPP design guidelines workshop](https://www.cencenelec.eu/news-events/news/2024/workshop/2024-06-24-circthread/?ref=sorena.io) - CEN-CENELEC describes DPP design work covering data carriers, information portal contents, and information exchanges. ### [Who uploads registry data and what gets a registration identifier?](/artifacts/eu/digital-product-passport/faq/dpp-registry.md#who-uploads-registry-data-and-what-gets-a-registration-identifier) *Module: [What is the EU Digital Product Passport registry?](/artifacts/eu/digital-product-passport/faq/dpp-registry.md)* The economic operator placing the product on the market or putting it into service uploads the data required for the registry. Once that data is uploaded, the registry automatically communicates a unique registration identifier associated with the unique identifiers uploaded for that product. - Treat the economic operator as the registry uploader unless the applicable legal process says otherwise. - Keep the returned unique registration identifier tied to the product's unique identifiers and commodity code where relevant. - Do not use the registry response as a general compliance certificate. - Preserve upload and correction history so changes to registry data remain auditable. Sources for this answer: - [Regulation (EU) 2024/1781 (ESPR)](https://eur-lex.europa.eu/eli/reg/2024/1781/oj/eng?ref=sorena.io) - Article 13 assigns registry upload duties to the economic operator placing the product on the market or putting it into service and states that the registry response is not proof of compliance. ### [How do customs checks use the registry?](/artifacts/eu/digital-product-passport/faq/dpp-registry.md#how-do-customs-checks-use-the-registry) *Module: [What is the EU Digital Product Passport registry?](/artifacts/eu/digital-product-passport/faq/dpp-registry.md)* For products intended to be placed under the customs procedure for release for free circulation, customs authorities verify at minimum that the unique registration identifier and the commodity code correspond to the registry data. The verification is electronic and automatic once the registry-to-customs interconnection is operational. - Prepare the unique registration identifier before customs release workflows start. - Map the commodity code to the product record before registry upload. - Test the customs handoff electronically once the interconnection is operational. - Keep customs release records separate from general product-compliance evidence. Sources for this answer: - [Regulation (EU) 2024/1781 (ESPR)](https://eur-lex.europa.eu/eli/reg/2024/1781/oj/eng?ref=sorena.io) - Article 15 sets the customs verification rule and the link to the registry and EU CSW-CERTEX interconnection. ## FAQ Pagination - Canonical index (page 1): [/artifacts/eu/digital-product-passport/faq/items](/artifacts/eu/digital-product-passport/faq/items.md) - Page 1 rule: `/page/1` is intentionally not generated; use the canonical index markdown URL. - Current page: 1 of 2 Pages: [1](/artifacts/eu/digital-product-passport/faq/items.md) | [2](/artifacts/eu/digital-product-passport/faq/items/page/2.md) [Next page](/artifacts/eu/digital-product-passport/faq/items/page/2.md) *Recommended next step* *Placement: after governance section* ## Prepare the Digital Product Passport evidence model Use the applicable delegated act to map passport fields, access rights, registry data, identifiers, data carriers, owners, and update controls before publishing a DPP endpoint. - [Open Research Copilot](/solutions/research-copilot.md): Check DPP source requirements and product-group delegated acts with cited external sources. - [Discuss DPP implementation](/contact.md): Review passport fields, identifiers, access rights, and evidence ownership for covered EU products. --- [Privacy Policy](https://www.sorena.io/privacy) | [Terms of Use](https://www.sorena.io/terms-of-use) | [DMCA](https://www.sorena.io/dmca) | [About Us](https://www.sorena.io/about-us) (c) 2026 Sorena AB (559573-7338). All rights reserved. Source: https://www.sorena.io/artifacts/eu/digital-product-passport/faq/items