Does my Responsible Person need access to my test reports and certificates?

Default hero background
Uncategorized
Jason van de Zande

A GPSR responsible person should have access to your relevant test reports and certificates because the role must be able to make technical documentation and safety information available to EU authorities on request. Access can be direct or controlled, but it must be fast and complete enough to support a market surveillance check. The exact documents depend on your product, its risks, and any applicable EU harmonisation legislation.

Does a GPSR responsible person need access to my test reports and certificates?

Yes. Under the General Product Safety Regulation (EU) 2023/988 (GPSR), the responsible person is an EU-established economic operator that must be able to provide relevant documentation and information to authorities upon request. In practice, that means the responsible person needs access—either direct or controlled—to the evidence that supports your product’s safety and compliance claims.

Authorities may ask for documentation during checks under the Market Surveillance Regulation (EU) 2019/1020 (MSR). To respond, the responsible person typically needs access to:

  • Applicable test reports (for the product and, where relevant, critical components)
  • Certificates, where they exist and are relevant (for example, notified body certificates under certain EU harmonisation laws)
  • A risk assessment or internal risk analysis supporting the general safety requirement
  • Instructions, warnings, and safety information in relevant EU languages
  • Product identification and traceability data (model, batch, serial, listing identifiers)

What is “applicable” depends on the product category and which EU rules apply. GPSR is horizontal, but many products also fall under sector-specific legislation (for example, toys, radio equipment, machinery), which can change what evidence is expected.

What documents should be in the technical documentation file for consumer products?

A practical technical documentation file should enable an authority to understand what the product is, how it is traced, what hazards were assessed, and what evidence supports the safety conclusions. GPSR expects technical documentation to exist and be made available upon request, and other EU product laws may add specific content requirements.

  • Product identification: model name/number, SKU, batch or serial format, photos, variants
  • Manufacturer details: legal entity name, addresses, contact channels
  • Responsible person details as shown on the product, packaging, or accompanying document
  • Risk assessment: hazards, foreseeable use and misuse, vulnerable users, mitigation measures
  • Test reports supporting safety claims and identified risks
  • Certificates, where relevant, and a Declaration of Conformity where required by applicable CE legislation (not by GPSR itself)
  • Label artwork and packaging files, including warnings and symbols
  • Instructions for use and safety information in the languages of the Member States where the product is sold
  • Traceability records: supplier and component traceability, and downstream economic operators where applicable
  • Complaint-handling records and known accidents, plus corrective actions, withdrawals, and recalls where applicable

Keep documents current, version-controlled, and in a format that can be shared quickly with EU authorities. If your listing identifiers differ from factory documents, include a mapping so the file clearly matches what is sold.

How can I share compliance documents with a responsible person without losing control of my IP?

You can give a responsible person the access they need while still controlling sensitive information by using controlled sharing, clear procedures, and confidentiality protections. The key is that access must still be sufficient to respond to authority requests without delay and without undermining the safety assessment.

  • Secure document portal with role-based access and audit logs
  • A document register listing each file, version, owner, and last review date
  • Version control and change notifications when labels, materials, or suppliers change
  • A non-disclosure agreement and confidentiality clauses aligned with EU data protection obligations
  • Redaction only where lawful and only if it does not remove safety-critical content (authorities may require full reports)
  • A defined workflow for authority requests, including who approves release and expected response times
  • Retention periods aligned with your obligations and the need to demonstrate ongoing compliance

If you use third-party test labs, confirm that reports are issued to the correct legal entity and clearly identify the exact product variant sold in the EU.

How does EARP help with responsible person access to test reports and certificates?

We help by acting as your GPSR responsible person and setting up a practical, authority-ready way to manage documentation access without creating unnecessary exposure of sensitive files. Our process focuses on readiness, controlled access, and clear communication with market surveillance authorities.

  • Structured onboarding with a document intake checklist for your product type
  • Secure storage and controlled access to test reports, certificates, risk assessments, and labelling files
  • Completeness checks to confirm required safety documents are present and match the product identifiers sold
  • Fast, organised responses to authority documentation requests, including providing files in an EU-accessible format
  • Guidance on what to keep, how to keep it current, and how to handle updates and corrective actions

See our services or contact us to discuss your product range and the best way to set up responsible person documentation access.

Related Articles