Information to Be Submitted for EU Product Database Registration

The Annex VIII registration obligation applies to products classified as Important (Annex III) or Critical (Annex IV) under the CRA. Default-class products — those not listed in Annex III or IV — are not subject to mandatory database registration, though they must still bear CE marking and meet all other CRA obligations.

For Important Class I and Class II products, registration is required because these products undergo a more demanding conformity assessment process (Module B+C or Module H, rather than Module A self-assessment) and carry higher cybersecurity risk. For Critical products — the highest-risk category, subject to mandatory third-party assessment — registration provides market surveillance authorities with a centralised information source for oversight.

Registration must be completed before the product is placed on the market. A product placed on the market without the required registration is non-compliant regardless of whether it otherwise meets the technical requirements.

Annex VIII specifies the following information categories that must be submitted for each product registration:

• Product name, type, batch, or serial number, or other element allowing identification
• Model or version identifier
• Product category (the relevant Annex III Class I/II item or Annex IV item)
• Intended purpose and description of principal characteristics

• Name, registered trade name or registered trademark, and contact address of the manufacturer
• Where applicable, name and contact address of the authorised representative
• Where the registration is submitted by an importer: name and contact address of the importer

• Unique URL or reference to the EU declaration of conformity
• Reference number of the conformity assessment certificate (where a notified body was involved)
• Name, address, and identification number of the notified body (where applicable)
• The conformity assessment procedure applied (under Article 32)

• Date the product was first placed on the EU market (or expected placement date, for advance registration)
• Countries in which the product is made available

All fields must be kept up to date. Changes to any of the above — including new model versions, updated conformity assessment certificates, or change of authorised representative — require the registration record to be updated.

The EU product database used for CRA registrations is the Safety Gate / ICSMS system operated under Regulation (EU) 2019/1020 on market surveillance. The Commission may designate an alternative or supplementary database for CRA-specific registrations — manufacturers should monitor Commission implementing acts for any such designation.

Registrations are accessible to national market surveillance authorities across all EU Member States. This means a registration in Germany is visible to the market surveillance authority in France, Sweden, or any other Member State — the database provides a Union-wide view of products on the market.

Registrations are not publicly searchable by consumers. Access is restricted to market surveillance authorities and the Commission for enforcement and oversight purposes. However, the EU declaration of conformity referenced in the registration must be publicly accessible.

The registration obligation falls on different parties depending on the supply chain structure:

EU-established manufacturer: The manufacturer registers directly.

Non-EU manufacturer with an authorised representative: The authorised representative completes the registration on behalf of the manufacturer, using the mandate they have received. The registration record must identify both the manufacturer and the authorised representative.

Importer (no authorised representative): Where a non-EU manufacturer has not designated an authorised representative, the importer who places the product on the EU market must complete the registration. Importers who register a product effectively take on the compliance responsibilities of a manufacturer for that product.

Where multiple economic operators share responsibility — for example, an importer who later appoints an authorised representative — the registration record should reflect the current responsible party and be updated when responsibilities change.

Registration must be completed before the product is placed on the market. For products going through a third-party conformity assessment, this means the registration should be submitted after the conformity assessment certificate is issued but before the product is shipped to EU customers or made available through EU distribution channels.

Manufacturers and importers must maintain the accuracy of their Annex VIII registrations throughout the product's market lifetime. The obligation to keep information current is not limited to the initial registration — it continues for as long as the product is available on the EU market and during the post-market support period.

Where a product is withdrawn from the market or reaches end of support, this should be reflected in the database record. Stale or inaccurate records may result in enforcement action under Article 64 of the CRA.