HomeKnowledge base › Checklist
Checklist

DPP Readiness Step by Step: A Checklist for Manufacturers and Brands

Eight concrete steps manufacturers and brands can take today to start preparing for the DPP — from product inventory to QR-code labelling.

⏱️ 10 min read

DPP readiness is not a switch you flip on a single deadline, but a data and process transformation spanning several months — one best started today. This digital product passport checklist breaks the steps of a DPP rollout down into eight concrete, actionable steps — from surveying your product portfolio to QR-code labelling and ongoing maintenance.

Why start now, in 2026?

The ESPR framework regulation ((EU) 2024/1781) entered into force on 18 July 2024, but the actual obligation is set not by the framework itself but by the per-product-group delegated acts. These arrive one by one, and each grants at least 18 months (in practice often 18-24 months) of transition between entry into force and actual application. If you are not yet sure exactly what this system is, start with the basic guide: What is a DPP. Despite these seemingly distant dates, the slowest element is collecting data from the supply chain — something you cannot make up in a few weeks, which is why it pays to get going now.

Step 1 — Survey your product lines and categories

Build a complete inventory of your product lines and map them to the six priority product groups in the ESPR 2025-2030 working plan (COM(2025) 187 final, adopted on 16 April 2025). The intermediate products are steel and aluminium; the final products are textiles/apparel, furniture, tyres and mattresses. On top of these come horizontal measures (repairability score, electronics recyclability) and a 2028 mid-term review that may bring in new categories.

For the exact timeline, see the ESPR/DPP deadlines article; the table below summarises the current indicative (non-binding) planning figures. Important: as of today, 9 July 2026, not a single product-specific ESPR delegated act has been formally adopted, with steel and textiles still in the preparatory/consultation phase.

Product groupLegal act (indicative plan)DPP expected to be mandatory
Iron and steel~2026~2028
Textilees and apparel~2027 (some sources late 2026)~2028-2029
Tyres~2027~2029
Aluminium~2027-2028 (sources differ)~2029-2030
Furniture~2028~2030
Mattresses~2029~2030-2031
Batteries — separate regulation, (EU) 2023/1542already in force18 February 2027 (fixed)

If you manufacture or distribute textile products, you will find the details in the DPP in the textile industry article and on our textile solution page. For batteries, the battery passport is already on a fixed schedule — more on that below, and at our battery solution.

Step 2 — Determine the date that applies to you

There is no single, EU-wide "DPP start date" — obligations arrive category by category. So for each of your product lines you have to determine the date that applies to you specifically:

  • Batteries: the most concrete case. The digital battery passport becomes mandatory from 18 February 2027 for every EV battery, every LMT (light means of transport) battery and every industrial battery above 2 kWh. Note: the 2 kWh threshold applies only to industrial batteries — for EV batteries it is mandatory regardless of capacity. Details: Battery passport.
  • ESPR categories: the mandatory date = the entry into force of the relevant delegated act + the minimum 18-month transition. Since no act has been adopted yet, these dates are estimates and, given the slippage observed so far, may well shift later.

Clarify your role, too, with respect to "placing on the market": are you a manufacturer, an importer or an authorised representative? The obligation falls on the responsible economic operator, and it is enforced by market surveillance and customs. The good news: products lawfully placed on the market before the relevant application date generally do not have to be retrofitted with a DPP — but the exact transitional (grandfathering) wording is always set by the specific delegated act.

Step 3 — Audit your existing data

The DPP is all about data. Run a gap analysis: what you have, at what quality, where you store it, and what is missing. The data typically lives scattered across ERP, PLM, quality folders, spreadsheets and supplier emails. The goal is a single, structured, machine-readable source.

Data field categoryWhere to look firstTypical gap
Unique product identifier (GTIN + serial/batch)ERP, product master dataBatch- and item-level identification
Material and chemical compositionPLM, supplier datasheetsSupplier-level detail, SVHC
Carbon footprint / environmental impactLCA report (if any)Site- and batch-level figures
Recycled contentSupplier declarationVerified, measurable share
Repairability, disassembly, careTechnical documentation, designConsumer- and recycler-facing form
Compliance, certificatesQuality assuranceDigital, referenceable format

For batteries, the set of expected fields is precisely defined (Annex XIII): unique identifier + QR, type/model, material composition, carbon-footprint declaration, recycled content (Li/Co/Ni/Pb), electrochemical performance and durability, State of Health (SoH) and dynamic data, plus due diligence status — with three tiers of access.

Step 4 — A process for requesting supplier data

This is the bottleneck of the project. Much of the data sits not with you but with your suppliers (and their suppliers). Build a repeatable process:

  1. Map the tiers of the chain (Tier 1, Tier 2…) for every affected product line.
  2. A standard request template: precisely named fields, expected units and format — not free text, but structured, machine-readable data.
  3. A contractual anchor: write the data-provision and update obligations into your supplier contracts/framework agreements.
  4. Deadline and escalation: a realistic response time, a responsible contact person, a reminder cadence.

The earlier you launch this, the greater the chance that missing carbon-footprint or composition data will arrive in time. The battery due-diligence obligations, incidentally, were postponed by the Council to 18 August 2027 ((EU) 2025/1561), but it is worth setting up the data-request process now regardless.

Step 5 — Choose your data model and standard

The DPP works only if systems understand the data in a uniform way. Decision points:

  • Unique product identifier: the most widely accepted candidate is the GTIN, often supplemented with a serial and batch number. Under the ESPR, the identifier must comply with the ISO/IEC 15459 standard (or an equivalent).
  • Web link: GS1 Digital Link encodes the identifier into a single URL, so one QR both opens the passport for the consumer and makes the GTIN machine-readable. Read more: QR codes and GS1 Digital Link.
  • European standards: CEN/CENELEC published six of the eight planned DPP EN standards on 27 May 2026 (EN 18216, 18219, 18220, 18221, 18222, 18223); the remaining two — EN 18239 (access management and security) and EN 18246 (data authentication and integrity) — are, according to reports, still at draft stage (FprEN), with publication expected to slip to September 2026. An important nuance: the standards already published are available and can be implemented, but are not yet harmonised — until a reference appears in the Official Journal of the EU, they do not confer a presumption of conformity.
  • Exchange format: the de facto recommended, default exchange format in the EU DPP ecosystem is JSON-LD. An important nuance: this is primarily a recommendation of the CIRPASS-2 reference architecture (D4.1), not a normative requirement of the eight EN standards — but for practical interoperability it is the safest choice today.

Do not build a closed, proprietary QR system: a proprietary solution carries a compliance risk and makes machine reading harder for your partners.

Step 6 — Choose a DPP system and run a pilot

The DPP data model is decentralised: the passport content stays with the economic operator or its DPP service provider, while the EU's central registry (ESPR Article 13) is only an index/directory — it stores the unique identifiers and operator references, not the content itself. The registry is planned to start being set up in the summer of 2026 (secondary sources mention 19 July 2026), but the timing of full operation is uncertain, so treat it with caution.

When choosing a system, look at whether it covers your category, whether it handles role-based access (public / authorised B2B actors / authority-customs), whether it can provide a resolver (redirection) between the persistent identifier and the changing data location, and whether it supports the approved data carriers. Then run a pilot on a single product line: build a few real passports end to end, test QR reading and the supplier data flow before rolling it out across the whole portfolio.

Veridyn is a ready-made platform for exactly this: a schema-driven editor, version history, role-based field filtering and QR generation. With registration you can launch a pilot in minutes; you can check prices on the pricing page.

Step 7 — QR code, data carrier and labelling

The data carrier on the physical product is the entry point. Currently the only approved carrier that opens freely on a consumer's phone is the QR code and the Data Matrix, with a GS1 Digital Link URI. RFID/RAIN RFID is more for industrial, bulk, non-line-of-sight reading; NFC is suitable for consumer access but is not yet a GS1-approved carrier. A single product may even carry several carriers in parallel.

  • Choose QR or Data Matrix for consumer access, with GS1 Digital Link syntax.
  • Ensure physical durability and good placement — the code must stay readable throughout the product's life.
  • For batteries, the QR is mandatory on the physical battery itself.
  • A well-encoded symbol is both human- and machine-readable — that is the goal.

Step 8 — Assign an internal owner and maintain it

The DPP is not a one-off project but a living document. Assign an owner or team (typically quality, compliance or product management) to keep the data current. Build in a maintenance routine: update on product changes, new suppliers or regulatory amendments; for batteries, keep the dynamic data and SoH continuously up to date; keep a version history and audit trail of every change. That way the passport stays current and defensible even under a market-surveillance inspection.

The checklist on one page

#TaskExpected result
1Survey product lines and map them to categoriesProduct-category matrix + list of affected products
2Determine your applicable date and rolePer-product deadline + responsible operator
3Audit existing dataGap list per field, with source noted
4Set up supplier data requestsTemplate, contract clause, deadlines
5Choose a data model and standardGTIN + GS1 Digital Link + JSON-LD decision
6Choose a DPP system and run a pilotWorking passports on one product line
7QR/data carrier and labellingA readable, durable code on the product
8Internal owner + maintenanceAssigned owner + update routine

Common mistakes to avoid

  • "We'll start in 2028." Supplier data collection is the slowest step — that is what justifies starting early.
  • A closed, proprietary QR system instead of the standard GS1 Digital Link — a compliance and interoperability risk.
  • Treating the indicative dates as fixed law. The per-category years are planning figures; the mandatory date is always set by the specific delegated act.
  • Misreading the 2 kWh battery threshold — it applies only to industrial batteries; for EVs it is mandatory regardless of capacity.

Start today

The earlier you start, the cheaper and smoother your DPP readiness will be. You could knock out the first three steps of the checklist above (inventory, date, data audit) as soon as next week. To run a pilot and build your passports, register with Veridyn, check the common questions in the FAQ, or ask for tailored help on the contact page. The digital product passport will not be an option but a condition of market access — and the time to prepare is now.

Create your first product passport

In minutes, with no coding — a standardised, multilingual passport and a printable QR code. Free to try.

Start for free →