Key Takeaways
- The EU Digital Product Passport (DPP) is mandatory under the Ecodesign for Sustainable Products Regulation (ESPR). The first hard deadline is 18 February 2027 for EV and industrial batteries.
- DPPs require structured, machine-readable product data: materials, components, repairability, recycled content, carbon footprint, and supply chain provenance.
- Most manufacturers don't have a single system that holds all this data today. The gap is the problem.
- A PIM system with strong data modelling and supplier data collection capabilities closes much of that gap.
The EU Digital Product Passport is a structured digital record that travels with a product throughout its lifecycle, carrying traceability data across the entire value chain. Consumers can scan it. Repair shops can query it. Customs authorities can verify it. Recyclers can use it to identify materials.
Getting a compliant digital product passport in place requires manufacturers to collect, structure, and publish product data at a level of detail most don't currently manage. A GS1 UK survey found only 16% of managers at businesses trading with the EU consider themselves fully prepared for DPP. 79% are concerned they could be barred from EU trade for non-compliance.
What the Regulation Actually Requires
The DPP is a core mechanism of the Ecodesign for Sustainable Products Regulation (ESPR), which entered into force in July 2024. The ESPR Working Plan 2025-2030, adopted in April 2025, sets out the priority product categories and approximate timelines.
Each DPP is tied to a specific product or batch via a unique identifier. The physical data carrier is a QR code conforming to ISO/IEC 18004, printed on or attached to the product itself. The GS1 Digital Link standard governs how that identifier resolves to structured product information in the EU's central DPP registry. The underlying data format is JSON-LD, chosen partly for its interoperability with external systems. Access is tiered: some data is public, some restricted to repairers and recyclers, and some reserved for market surveillance authorities.
Product categories phased in under the ESPR Working Plan include iron and steel (delegated act expected around 2026, implementation 2027), textiles, furniture, construction products, aluminium, and tyres from 2028 onwards, and mattresses from 2029. The regulation's goal is to make sustainable production the default by ensuring environmental impact data follows every product through its life. Batteries are on a separate track under Regulation (EU) 2023/1542: every electric vehicle battery and industrial battery above 2 kWh must carry a digital passport by 18 February 2027.
That battery deadline is the first real enforcement point. Non-compliant batteries will be barred from the EU market. The same enforcement model applies to all subsequent product categories: market surveillance checks against the central registry.
What Data Goes Into a Digital Product Passport
The exact data fields vary by product category and will be defined in delegated acts. But the ESPR and the battery passport regulation already establish the pattern. Most DPPs will require:
- Product identity: model name, manufacturer, place of manufacture, batch or serial number (DPPs can be issued at batch level or serialised per unit)
- Material composition: materials used, including hazardous substances and recycled content percentages
- Carbon footprint: lifecycle data, broken down by production stage where required
- Durability and repairability: spare parts availability, repair instructions, disassembly sequences
- End of life: recycling instructions, material recovery potential
- Supply chain provenance: country of origin for key materials and components
- Certifications and compliance declarations
For manufacturers of complex products like industrial equipment, chemical products, and building materials, that list covers lifecycle data held across multiple departments and systems. Engineering holds BOM and material specs. Compliance holds certifications. Procurement holds supplier origin data. Marketing holds product descriptions. None of those teams typically talk to one another through a shared data structure.
Why Most Companies Aren't Ready
The problem lies in fragmentation. Product specs live in ERP, compliance documents sit in a file share, and supplier declarations arrive by email. No system holds the complete picture in a structured, exportable format.
That matters because a DPP is not a PDF certificate you generate once. It's a live data record that needs to be accurate at the time of sale, updatable when circumstances change, and queryable by external systems. The EU registry will eventually pull or verify data programmatically.
Most ERP systems aren't built for this. They handle transactions well. They don't handle rich product attribute data, multilingual content, tiered access permissions, or the supply chain transparency and flexible data modelling that DPPs require across product lines. A product with 400 material attributes, each with its own unit, source, and certification reference, belongs in a PIM system. The digital product passport will expose that at the point of a compliance audit.
The Role of a PIM System in DPP Compliance
A PIM system built on a flexible EAV (entity-attribute-value) data model can handle the structural complexity that DPPs demand. Because attributes are defined per product type, a single instance can hold steel products and textile products with entirely different field sets. That is exactly how delegated acts will work in practice. Data can be collected from suppliers through structured workflows rather than email. Outputs can be formatted for the EU registry's JSON-LD requirements and mapped to product lifecycle management processes downstream.
The DPP is, at its core, a data quality and data governance problem. The companies that get there first are the ones that already manage their product data in a structured, centralised system.
AtroPIM's EAV data model supports per-category attribute sets, so steel and textile products can carry entirely different required fields in a single instance. Supplier-facing workflows let manufacturers collect and validate material origin, recycled content, and REACH substance declarations directly in the platform. A dedicated premium module handles the publication side: it generates a product passport page consumers, repairers, and authorities reach by scanning the product's QR code, with each audience seeing only the data tier the regulation assigns them.
What to Do Now
The companies that are already behind are the ones that assumed their ERP would handle this or that the deadlines were too far away to plan for. The battery passport deadline is 18 February 2027. The delegated acts for steel are in progress now.
A few concrete steps make sense regardless of which product category you're in:
Map your data gaps first.
Take one product family and list every field a DPP would require. Then identify where that data currently lives, whether it's structured or unstructured, and who owns it. That exercise alone usually surfaces the problem clearly.
Don't wait for delegated acts to start structuring data.
The core fields, including materials, components, certifications, and supplier provenance, are consistent across categories. Structuring this data now means less rework when the specific requirements land.
Involve procurement early.
Supplier-side data is the hardest part to collect and the most commonly missed. Procurement needs to start requiring structured data from suppliers as part of onboarding and renewal processes.
It's also worth auditing your current systems separately. If your product data currently lives in spreadsheets, ERP exports, or a mix of both, a DPP compliance programme will require a full system change. Implementation, data migration, and validation typically take six to twelve months for a mid-sized product catalogue. That clock starts when a system is selected, not when a deadline is announced.
The ESPR defines economic operator broadly: any manufacturer, importer, or distributor placing physical products on the EU market falls within scope, including non-EU companies exporting into the bloc. Market access for non-compliant products will be blocked, and penalties for violations are set by member states. The DPP isn't optional, and the circular economy policy direction behind it isn't going to reverse. Products that can't produce a compliant data carrier at the border will be turned away.
Start with one product category. Map the data. Pick a system that can handle the model. The companies treating this as a product data management project, rather than a last-minute compliance task, are the ones that will get through it without disruption to their EU trade.