Connect with us:
Call us:
+49 163 9533715
Log in
Selling electronics in the EU

GPSR Requirements for Manufacturers in the EU (EU 2023/988 Guide)

The EU General Product Safety Regulation is live. Here's what manufacturers and importers need to know to comply with EU 2023/988.

Table of Contents

The EU General Product Safety Regulation (GPSR) came into force on 13 December 2024, replacing a directive that had been in place for over two decades.

If you manufacture, import, or sell consumer products in Europe, GPSR introduces stricter obligations around safety assessment, traceability, incident reporting, and supply chain accountability — with direct enforcement across all EU member states.

If you are new to EU compliance, start with our guide on selling electronics in the EU to understand the broader regulatory framework.

This guide explains what GPSR is, who it applies to, what you must do to comply, and the most common mistakes that put manufacturers at risk.

What Is GPSR and Who Must Comply?

GPSR (EU 2023/988) is the EU's general product safety regulation. It applies to all consumer products sold in the European Union that are not already fully covered by sector-specific Union harmonisation legislation.

GPSR applies to every economic operator in the supply chain:

  • Manufacturers — primary duty holder; responsible for safety assessments, documentation, and incident reporting
  • Importers — carry manufacturer-level obligations when the manufacturer is outside the EU
  • Distributors — must verify that upstream operators have met their obligations before placing products on the market
  • Authorised representatives — EU-based entities formally appointed by non-EU manufacturers
  • Fulfilment service providers — warehouses and logistics operators now carry explicit GPSR obligations for the first time
  • Online marketplaces — platforms facilitating consumer sales face new registration and reporting requirements

Non-EU companies must ensure that a responsible person is established in the EU, with their name and contact details on the product or packaging.

GPSR replaced the General Product Safety Directive (2001/95/EC) and is directly applicable across all 27 EU member states — no national transposition required.

GPSR vs CE Marking: What’s the Difference?

GPSR is often misunderstood as replacing CE marking. It does not.

AreaCE MarkingGPSR
ScopeProduct-specific directives (LVD, EMC, Machinery, etc.)All consumer products
PurposeDemonstrates conformity with applicable EU directivesEnsures overall product safety
Risk coverageSpecific risks defined by the directiveAll risks not covered by sector-specific rules
DocumentationTechnical file per directive requirementsSafety assessment + technical documentation

CE marking and GPSR apply in parallel. CE marking covers the risks defined by the relevant directive. GPSR covers anything those directives do not.

➡ See our guide on CE marking for electronics for a full breakdown of directive requirements.

GPSR vs GPSD: What Actually Changed?

AreaGPSD (old)GPSR (new)
Legal instrumentDirective — required national implementationRegulation — direct effect across all member states
Connected productsNot addressedSoftware and firmware updates in safety scope
Environmental risksNot explicitly coveredExplicitly included in risk assessment
Mental health risksNot coveredNow a recognised harm category
EU responsible personOptional in some casesMandatory — must be named on product or packaging
Online marketplacesMinimal obligationsRegistration, reporting, and takedown obligations
Safety Gate reportingExisted but informalModernised portal; business registration required
Documentation retentionVaried by member state10 years after last product placed on market

GPSR Compliance Process (Step by Step)

To comply with GPSR, manufacturers must follow these seven steps:

  1. Identify all applicable risks for the product
  2. Conduct and document a product safety assessment
  3. Compile and retain technical documentation
  4. Ensure traceability labelling on the product or packaging
  5. Appoint an EU responsible person (non-EU manufacturers)
  6. Register with the Safety Business Gateway and set up incident monitoring
  7. Prepare and test recall procedures

Core GPSR Requirements for Manufacturers

1. Conduct a Product Safety Assessment

Before placing a product on the EU market, manufacturers must complete a documented risk assessment covering:

  • All intended and reasonably foreseeable uses, including misuse
  • Physical, mechanical, electrical, chemical, and biological hazards
  • Digital risks — software vulnerabilities and the safety implications of firmware updates
  • Risks to vulnerable users: children, the elderly, people with disabilities
  • Environmental and psychological risks, where relevant

For connected products, the risk assessment must be revisited whenever a software update could affect product behaviour. Compliance with relevant harmonised standards creates a presumption of safety for the risks those standards cover.

➡ See our guide on CE risk assessment for electronics — many of the same principles apply under GPSR.

2. Prepare Technical Documentation

Manufacturers must compile and maintain documentation that includes:

  • A general description of the product and its intended use
  • The risk assessment and its conclusions
  • A list of standards applied, with test evidence
  • Records of any known complaints or incidents involving safety

Documentation must be retained for 10 years after the last unit is placed on the market.

➡ See our full guide on CE technical documentation requirements — much of the same framework applies under GPSR.

3. Ensure Product Traceability

Products must bear, on the product itself or on the packaging:

  • Manufacturer name, registered trade name, or trademark
  • Manufacturer’s postal address and electronic address (email or website — this is new under GPSR)
  • A product identifier: type, batch, or serial number
  • Safety instructions and warnings in the official language(s) of the member state(s) where the product is sold

4. Appoint an EU Responsible Person

If your business is based outside the EU, one of the following must be established in the EU and formally appointed in writing:

  • Your EU importer, or
  • An authorised representative you have explicitly appointed

Their name and contact details must appear on the product or packaging. They act as the point of contact for market surveillance authorities and are responsible for verifying your documentation is in order.

➡ See our full guide on EU authorised representative requirements.

5. Register and Report Incidents

Manufacturers who become aware of a serious risk must notify the relevant national market surveillance authority without undue delay via the Safety Business Gateway — the business portal connected to the EU Safety Gate alert system.

An internal register of product-related complaints and safety incidents must be maintained from the moment a product is placed on the market.

6. Manage Product Recalls

When a recall is necessary, GPSR requires:

  • Notification to the competent national authority and, via Safety Gate, other affected member states
  • Direct contact with all affected consumers where contact details are available
  • A remedy at no cost to the consumer: repair, replacement, or full refund (minimum)

GPSR and Online Marketplaces

GPSR introduces substantial new obligations for online platforms — and real consequences for manufacturers selling through them.

Online marketplace providers must register with Safety Gate, designate a single point of contact for authorities, and remove dangerous product listings swiftly when notified.

For manufacturers selling via Amazon, Cdiscount, Zalando, or similar platforms, non-compliant products will be flagged and removed faster than before. All product listings must include the required traceability information, and documentation must be available on request.

➡ If you sell through marketplaces, see our guide on selling electronics in the EU for channel-specific requirements.

{{cta}}

Common GPSR Compliance Mistakes

Treating GPSR as a one-time exercise. GPSR requires ongoing monitoring. If a safety issue emerges after a product is on the market — through complaints, incidents, or new information — you must act. The obligation is continuous.

Not updating risk assessments after firmware changes. For connected products, any software update that could affect product behaviour must trigger a risk assessment review. This is one of the most frequently missed obligations.

Missing the EU responsible person. Non-EU manufacturers often appoint an importer informally but fail to document it or ensure the responsible person’s details appear on the product. This is an immediate non-compliance flag for market surveillance authorities.

Labelling in the wrong language. Safety warnings must be in a language consumers in the target member state(s) can understand. Selling into Germany requires German-language instructions.

Not maintaining an incident register. GPSR requires a register of product-related complaints and safety incidents. It must exist before you need it.

Assuming CE marking covers everything. CE marking under the LVD or EMC Directive does not equal GPSR compliance. GPSR applies to all risks not already covered by those directives.

GPSR Compliance Checklist

Use this before placing any product on the EU market.

✓ Risk assessment completed and documented, including digital/connected elements
✓ Technical documentation compiled and 10-year retention policy in place
✓ Manufacturer name, address, and electronic contact on product or packaging
✓ Product identifier visible (type, batch, or serial number)
✓ Instructions and safety warnings in target market language(s)
✓ EU responsible person appointed in writing, details on product or packaging
✓ Safety Business Gateway account registered
✓ Internal incident escalation and recall procedure documented

How EcoComply Helps

EcoComply helps manufacturers identify all applicable EU regulations — including GPSR, CE marking, RoHS, REACH, and EPR — and manage compliance in one place.

  • Map your product to all applicable EU requirements
  • Maintain and organise technical documentation
  • Appoint and manage EU responsible person relationships
  • Monitor regulatory changes that affect your products
  • Centralise compliance workflows across your product portfolio

Conclusion

GPSR raises the baseline for product safety in the EU. The key shift for manufacturers is from reactive to proactive: continuous monitoring, documented risk assessments before launch, and a clear chain of accountability through the supply chain.

The obligations are manageable — but only if you understand which ones apply to your products and have the documentation in place before authorities ask for it.

To understand how GPSR fits into your full EU compliance obligations, start with our guide on selling electronics in the EU.

Frequently Asked Questions

Everything you need to know about EU compliance

Does GPSR apply to B2B products?

GPSR primarily applies to consumer products — products intended for consumers or likely to be used by consumers. Products designed and sold exclusively for professional use in an industrial or commercial setting are generally outside scope.

However, the boundary is narrow. If there is any realistic prospect of a product reaching consumers — for example, if it is sold via general retail channels or online marketplaces accessible to the public — GPSR applies. When in doubt, assume it does.

What products are exempt from GPSR?

The following product categories are excluded from GPSR scope:

  • Food and feed products (covered by separate EU food safety legislation)
  • Medicinal products for human and veterinary use
  • Living plants and animals
  • Products of human origin
  • Antiques
  • Second-hand products that need to be repaired or reconditioned before use, where this is clearly communicated to the buyer before purchase

All other consumer products not fully covered by sector-specific Union harmonisation legislation fall under GPSR.

What are the penalties for GPSR non-compliance?

GPSR requires all EU member states to impose penalties that are effective, proportionate, and dissuasive. The specific fines vary by country, but authorities across all 27 member states can:

  • Issue mandatory product recalls at the manufacturer's cost
  • Impose sales bans and import restrictions
  • Require corrective action and public safety notices
  • Issue financial penalties scaled to the severity of non-compliance

Market surveillance authorities have direct enforcement powers and can act without prior warning if a serious risk is identified.

Does GPSR apply to used or second-hand products?

Yes — with one exception. GPSR applies to products sold in the EU regardless of whether they are new or second-hand.

The exception: antiques and second-hand products that need to be repaired or reconditioned before use, where this is clearly communicated to the buyer before purchase, are exempt.

Standard second-hand goods sold in usable condition, including via online resale platforms, remain subject to GPSR safety requirements.

What is the Safety Business Gateway and how do I register?

The Safety Business Gateway is the EU's online portal for businesses to report dangerous products and recall actions directly to national market surveillance authorities. It connects to Safety Gate — the EU's rapid alert system used by authorities across all member states.

Businesses must register at ec.europa.eu/safety-gate-alerts before they need it. Registration should be completed as part of your GPSR compliance setup — not after an incident occurs. Once registered, you can submit notifications of serious risks, recall actions, and corrective measures.

John Iwueke

Cofounder & CEO EcoComply

John is a seasoned product compliance expert across EU AR, EPR, REACH, RoHS, CSRD. Former compliance lead at Zwilling and Landbell.

Not sure if your product meets GPSR requirements?

• Identify your exact GPSR obligations in minutes
• CE marking, technical documentation, EU responsible person
• Get a free compliance gap assessment

Launch in the EU without compliance guesswork

Get a clear view of what documents you need, what’s missing, and how to avoid market access blockers, built for electronics & IoT manufacturers.

  • Identify missing CE deliverables (DoC, test reports, technical file)
  • Plausibility checks aligned with market surveillance expectations
  • Expert validation for edge cases
Download the checklist