GPSR for Shopify Sellers: What You Have to Do Yourself

If you sell on Amazon, eBay, or Etsy, those platforms added GPSR fields and nudged you to fill them in. Shopify did none of that. As one merchant put it on the Shopify community forum, "Other platforms like Amazon, eBay, and Etsy have introduced compliance measures, but Shopify has remained relatively quiet on the matter."

That quiet is the whole story. Shopify is software you rent, not a marketplace that vets your listings. So the General Product Safety Regulation (GPSR) puts the obligations directly on you, the merchant. There is no built-in field for your Responsible Person, no validation portal, no automated check. If a product page is missing required information, nobody at Shopify stops the sale. EU customers and market surveillance authorities are the ones who notice.

This guide covers what you actually have to do: who counts as your legal contact in the EU, what to put in your technical file, how to label units, and how to render the required text on a Shopify product page without breaking your theme.

Shopify hands you the whole burden

GPSR (Regulation (EU) 2023/988) took full effect on 13 December 2024, replacing the old General Product Safety Directive. It applies to almost all non-food consumer products sold to customers in the EU and Northern Ireland, including goods imported from the United States, Canada, the UK, Switzerland, and Australia. Selling from a US-based Shopify store to a customer in Germany does not exempt you. The product lands on the EU market, so the rules apply.

A reply on the Shopify community forum was blunt about where the line sits: "You can provide any information required under the GPSR by adding to your product descriptions or adding a metafield, but we can't provide legal guidance as to your obligations under the law at this time." Translation: the tools to display text exist, the responsibility to know what text is required is yours.

Because there is no platform-level enforcement, the consequences flow straight to you. A listing that fails to show the required contact details can lead to product bans, recalls, fines, customs seizures, or loss of payment processor access. There is no marketplace account suspension warning to soften the landing.

First, figure out your legal role

Your obligations depend on what you are under the regulation, not on what you call yourself on your About page.

• Manufacturer. You make products, or you commission them and sell under your own brand or trademark. You carry the full set of duties: risk assessment, technical file, labeling, and a Declaration of Conformity where the product is covered by specific EU harmonisation legislation.
• Importer. You buy finished goods from outside the EU and place them on the EU market. As the forum guidance notes, "An importer is an entity established within the EU that places products from third countries onto the EU market." Importers must keep copies of the manufacturer's technical documentation and verify the manufacturer did proper risk assessments.

Most non-EU Shopify dropshippers and white-label brands end up acting as manufacturer for trademark purposes and need a separate EU contact regardless. That contact is the Responsible Person.

Appoint a Responsible Person

This is the requirement that trips up the most non-EU sellers. GPSR requires a named Responsible Person established in the EU for every product. A forum reply summed it up clearly: "Under the EU's GPSR that came into force December 2024, you need a named responsible person with an EU address visible on your product pages, not just internal documentation."

Read that twice. The address has to be visible to the customer, not buried in a file on your laptop. The Responsible Person verifies product safety, holds the technical file, and cooperates with authorities.

If you have no EU entity, the usual route is a third-party Responsible Person service, which the forum flags as "one option" for non-EU stores. The role only falls to an EU-established fulfilment service provider as a last resort, when no manufacturer, importer, or authorised representative is established in the EU. In practice fulfilment providers refuse it, so don't count on your warehouse covering this. Either way, get it in a contract. To understand how this role differs from an authorised representative, see authorised representative vs Responsible Person.

EUProof does not act as your Responsible Person and does not provide that service. What we do is generate the compliance documents: the technical file structure, the labeling text, and a Declaration of Conformity where your product type requires one or a marketplace asks for it. The contact details for whichever Responsible Person you appoint come out formatted correctly and ready to display.

Build the technical file and risk assessment

The technical file is the dossier that proves your product is safe. It is not a one-page form. It contains product descriptions, a bill of materials, a risk assessment, and safety test reports where the product type requires them (such as EN 71 for toy safety or RoHS for electronics). A formal Declaration of Conformity is only mandatory for products covered by specific EU harmonisation legislation, such as CE-marked toys or electronics. For GPSR-only goods it is a self-declaration that marketplaces often request, not a statutory requirement. Under GPSR Article 9(7) you keep this documentation for 10 years after a product is placed on the market.

The risk assessment is where GPSR widened the old rules. Safety now has to account for foreseeable misuse. As the forum explains, the regulation "emphasizing that safety considerations must account for foreseeable misuse, evolving functionalities, and other threats." The classic example is a small detachable part that a child could put in their mouth. You document that risk and how your product handles it, even if the product is perfectly safe in normal use.

Two practical points save you time and money:

• A safe product still needs a statement. If your item has no specific hazards, you still write a general safety statement and document the foreseeable misuse you considered.
• You don't need a file per color. Variations that don't change the safety, materials, or risk profile group under one master technical file. A t-shirt in five colors of the same fabric is one file, not five.

The single hardest part for small sellers is knowing what to actually produce. One forum contributor named it perfectly: "sellers hear words like 'GPSR' or 'compliance,' but the real question is much simpler: 'What am I actually supposed to write down, save, or show?'" That is exactly the gap our document generator fills, turning your product details into the file, the declaration, and the on-page text in a few minutes. See how that works.

Traceability and physical labeling

Every individual unit needs a permanent, visible, legible identifier: a serial number, batch code, or equivalent. This is what makes a recall possible. Add batch tracking or serial numbering to your operations so you can trace a faulty unit back to its production run.

On top of traceability, the manufacturer and Responsible Person contact details must be physically present on the product, its packaging, or accompanying documents. Here is a common and costly misconception: a QR code on the box is not enough. QR codes are optional and secondary. The legal contact details have to be printed in plain text on the item, packaging, or insert.

If the product is too small to label directly, you put the information on the packaging or a paper insert in the parcel. For the full breakdown of what text goes where, see GPSR labeling requirements.

One more trap on timing. Pre-orders placed before 13 December 2024 are not automatically exempt. The decisive moment is when the product is "placed on the market," meaning when it physically ships. Anything fulfilled in 2025 and 2026 must be fully compliant, even if the customer ordered earlier.

Translate the warnings

You cannot ship English-only manuals across the EU. Under GPSR Article 22, all safety warnings, hazard labels, and user instructions must be in the official language of each member state where the product is sold. Sell to France and Germany and you need French and German. Plan translation as a per-country cost, not an afterthought.

Render the details on your Shopify product page

This is the step Shopify leaves entirely to you. There is no native field, so you have two workable methods.

Metafields (recommended). Create custom metafields for the Responsible Person address and the manufacturer contact, then reference those metafields in your product template so the text renders, usually near the bottom of the product page. This satisfies the pre-purchase visibility rule without you editing the page content by hand for every product. It scales across your catalog and keeps the data structured.

Theme code or product description. You can also paste the contact block directly into the product description, or edit theme Liquid to display it. This works for a handful of products but gets brittle fast across a large store.

Whichever method you choose, the test is simple: can a customer in the EU see the Responsible Person's name and EU address before they buy? If yes, you have met the display requirement. One forum reply suggests independent storefronts should register with the Safety Gate Portal, but Safety Gate is the EU's rapid-alert system for dangerous products, not a general distance-seller business registry. Treat it as a channel authorities use to flag and recall unsafe goods, not a sign-up step you owe before selling.

What this costs

Compliance is real money, and it helps to budget before you start. Based on current market rates, an EU Representative or Responsible Person service runs roughly €1,200 to €4,500 per year. Product safety lab testing, where your product type needs it, runs €500 to €8,000 per SKU. Compiling the technical documentation and risk assessment costs €300 to €1,500 per product group. Translations run €100 to €1,200 per target country, and an initial label print or redesign run is €200 to €2,500. The full picture is in our GPSR compliance cost breakdown.

The line item you can shrink the most is documentation. Generating your technical file and declaration with our compliance tools costs a fraction of the per-product figures above, and you can check your exposure first with the am I affected check.

The short version

Shopify won't do any of this for you. You appoint an EU Responsible Person and show their address on the page, build a technical file with a real risk assessment and keep it for 10 years, put an identifier and printed contact details on every unit, and translate the warnings for each country you sell to. Get those four right and you can sell into the EU with the same confidence a vetted marketplace seller has, without waiting for Shopify to build a feature that may never come.

This article is general guidance, not legal advice. Confirm your obligations with a qualified advisor or your Responsible Person.