What is a Digital Product Passport?
If you sell physical products into the European Union, the Digital Product Passport is about to become part of how your products are allowed on the shelf. The rules sit under the EU Ecodesign for Sustainable Products Regulation, and the first hard deadline arrives on 18 February 2027 for batteries. Most teams have heard the term and stopped there. A KPMG survey found that 97% of EU businesses had heard of the DPP, yet only 33% reported a high understanding of what it actually requires. That gap is where the risk lives.
This guide answers the practical questions. What a Digital Product Passport is. Who it applies to and when. What data goes inside one. What the deadlines are and what happens if you miss them. How brands are preparing now, and how a connected-packaging platform fits the access layer. By the end you will know whether your products are in scope, what you need to assemble, and where to start without waiting for every delegated act to land.
What is a Digital Product Passport?
A Digital Product Passport (DPP) is a structured digital record of a product's identity, materials, origin, and environmental data, accessible by scanning a data carrier such as a QR code on the product. It is introduced under the EU Ecodesign for Sustainable Products Regulation, Regulation (EU) 2024/1781, to make product information available across the whole lifecycle.
The passport is not a marketing page. It is a regulated dataset tied to a unique product identifier and made available to three audiences at once: consumers checking how a product is made, regulators verifying claims, and supply chain partners handling repair, resale, or recycling. The same record can be read by a person with a phone and by a machine querying it directly.
The ESPR entered into force on 18 July 2024 and replaces the older Ecodesign Directive. It gives the European Commission the power to set DPP requirements product group by product group through delegated acts, rather than in one sweep. For brands, the headline is simple. Your product will need to carry a verified digital record, reachable from the pack, in the format the regulation specifies. Understanding the wider sustainability logic behind this helps, so it is worth reading our explainer on the R-strategies that underpin the circular economy and our breakdown of what the EU ESPR actually requires.
Who does the Digital Product Passport apply to?
The DPP applies to manufacturers, importers, and distributors placing regulated physical products on the EU market, including businesses outside the EU that sell into it. Obligations arrive group by group through delegated acts under the ESPR. The first priority categories are textiles, iron and steel, aluminium, furniture, tyres, and mattresses, alongside batteries under separate battery rules.
Selling location, not company location, decides scope. A brand manufacturing in Australia or the United States that ships product into the EU carries the same obligation as a brand based in Berlin. The passport travels with the product.
The Commission set out its priorities in the first ESPR Working Plan, adopted on 16 April 2025. That plan names the early product groups and signals the sequence for the rest of the decade. Food and beverage are not directly covered by the DPP today. Early focus categories are non-food. That said, the direction is clear across regulated sectors, and food, beverage, and alcohol brands already face parallel traceability and disclosure expectations through other EU rules. If you are unsure where your category sits, our guide to which products need a DPP and when maps the sequence in detail.
What data goes inside a Digital Product Passport?
A DPP carries the data the relevant delegated act specifies for that product group. Common requirements across groups include a unique product identifier, material composition and origin, recycled content percentage, carbon footprint, hazardous substances, repairability and repair instructions, and end-of-life sorting and recycling guidance. The exact fields differ by category.
The point is that this is verified data, not claims. A recycled-content figure has to be backed by records. A carbon footprint has to follow a recognised method. Much of this information already exists inside a business, scattered across bills of materials, supplier onboarding files, and manufacturing logs. The work is collecting it, structuring it, and keeping it current.
This is the part most teams underestimate. As James Williamson, co-founder of Orijin Plus, puts it:
The data lives with Product Development and Procurement, not only with a sustainability lead. Getting the structure right early saves a scramble later. For a field-by-field walkthrough, see our companion article on what data goes inside a DPP. The access mechanism matters as much as the data itself. The DPP is reached through a data carrier on the product linked to a GS1 Digital Link, which connects the product's GTIN to its digital record so both shoppers and machines can retrieve it.
What are the Digital Product Passport deadlines?
The first mandatory DPP deadline is 18 February 2027, when every EV and industrial battery above 2 kWh placed on the EU market must carry a digital battery passport under Regulation (EU) 2023/1542, Article 77. Textiles and other ESPR categories follow through delegated acts, with the EU DPP Registry scheduled to go live on 19 July 2026.
Battery first is deliberate. Batteries act as the working proof of concept for the whole system, which is why their deadline is fixed in law while other categories arrive through staged acts. Once a delegated act for a category such as textiles is published, brands typically get a defined window, often around 18 months, before compliance bites.
Missing a deadline is not a paperwork problem. A product without a compliant passport can be held off the EU market, refused by retailers, or rejected at import. The pattern mirrors what we have seen with barcode and food-traceability timelines: regulators set a date, and major buyers often enforce their own version sooner. The infrastructure side is further along than the headlines suggest. As Orijin Plus co-founder Rhys Williamson notes:
"The infrastructure side of DPP is more solved than most people think. The building blocks already exist, they just need to be connected in the right way."
The lesson is to treat 2027 as the start of enforcement, not the moment to begin preparing.
How do brands prepare for the Digital Product Passport?
Brands prepare by assigning a unique identifier to each product, assembling and structuring the required lifecycle data, and adding a data carrier on the pack that links to the digital record. Starting with a small set of products, getting the data model right, then scaling across the range is the route that keeps the change manageable.
The unglamorous step is data readiness. Material origins, recycled content, and supplier records need to be in one structured place, kept current, and verifiable. Brands that already run clean traceability find the passport is mostly an extension of work they have done, rather than a new project from scratch. The same records that satisfy a compliance check can become a customer-facing story.
We have seen this firsthand. ZENKO Superfoods built a verified origin journey for its Himalayan Water Lily Pops using GPS IoT trackers, so each pack could show its path from pond to processing to shelf. The data captured for traceability doubled as the proof a connected experience needs.
Treating the passport as a commercial asset rather than a cost changes the planning. The same investment that meets the regulation can also support resale authentication, recall precision, and AI-driven product discovery. For a fuller picture of the upside, read our analysis of DPP benefits and the return on investment.
How does a connected-packaging platform support DPP compliance?
A connected-packaging platform supplies the access layer the DPP needs. It generates a GS1-compliant QR code carrying a GS1 Digital Link, manages the resolver that serves the right content to each audience, and holds structured product data across the lifecycle. One permanent code on the pack can satisfy regulatory access while also supporting consumer engagement.
Orijin Plus is a GS1 Alliance Partner. The platform generates GS1 Digital Link QR codes on every plan tier and pairs them with a managed resolver, which is the layer that routes a single scan to different content by audience, geography, or batch. For DPP, the resolver is what lets one code show verified lifecycle data to a regulator while showing brand and product content to a shopper. A passport access mechanism and a consumer engagement channel become the same piece of packaging, so you do not need a separate code or a packaging redesign for each requirement.
The data side is handled through traceability across raw materials and manufacturing, with records linked through lots and transformations as products are combined or processed. That structure is what turns a pile of internal documents into a passport that holds up to scrutiny. If you are weighing vendors, our guide to how to choose DPP software sets out what to ask before you commit. To see the access and data layers working together, see how Orijin Plus handles DPP compliance.
FAQ
Is a Digital Product Passport mandatory?
Yes, for products in scope of the EU Ecodesign for Sustainable Products Regulation or related rules. It becomes mandatory group by group through delegated acts. The first legally fixed deadline is 18 February 2027 for batteries above 2 kWh. Textiles and other categories follow once their delegated acts are published, each with its own compliance window.
Does the Digital Product Passport apply to food and beverage?
Not directly today. The early DPP categories are non-food: textiles, electronics, batteries, furniture, and similar. Food, beverage, and alcohol brands are outside the current DPP scope but face parallel EU rules on traceability and digital disclosure, such as wine labelling requirements. The wider direction toward structured, scannable product data is moving across regulated sectors regardless.
What is the difference between a DPP and a QR code?
A QR code is a data carrier. A Digital Product Passport is the structured dataset that the code points to. The QR code on the pack links, through a GS1 Digital Link, to the passport record holding verified lifecycle information. The passport is the content and the rules around it. The QR code is simply one way to reach it.
Do I need a new barcode or a packaging redesign for a DPP?
No full redesign is needed in most cases. A single GS1 Digital Link QR code can carry the product identifier and link to the passport, and the same code can serve consumer content too. One permanent code on the pack can meet the access requirement and support marketing, which avoids adding separate codes or reprinting packaging for each new rule.
When does the EU DPP Registry go live?
The EU DPP Registry is scheduled to go live on 19 July 2026. The registry is the central infrastructure that stores passport identifiers and supports regulatory access. Its activation is a milestone for every product group, because it defines part of the technical architecture that individual passports must connect to ahead of category deadlines such as the 2027 battery date.
Who is responsible for creating the Digital Product Passport?
The economic operator placing the product on the EU market is responsible. That is usually the manufacturer, or the importer if the maker is outside the EU. Responsibility includes assembling accurate data, keeping it current, and making it accessible through the required data carrier. Suppliers contribute the underlying material and component data that the responsible operator compiles.
How much product data do I really need to collect?
Only what the delegated act for your product group specifies, which differs by category. Common fields include a unique identifier, material composition, recycled content, carbon footprint, hazardous substances, and end-of-life instructions. Much of this already exists inside your business in bills of materials and supplier records. The task is structuring and verifying it, not inventing it.
