GPSR Technical Documentation Template: What Goes In It (2026 Guide)

If you sell consumer products into the EU through Amazon, Etsy, or your own Shopify store, the technical file is probably the part of GPSR that confuses you most. You are not alone. One seller put it plainly on the FBA forum: "What if the authorities ask me for the technical file that lists every aspect of production?" Another said it shorter: "I have no idea what kind of documentation or assessments would you have to poses."

Here is the good news. The technical file is not as mysterious as it sounds, and you almost certainly do not need to pay a consultant to write it. This guide walks through exactly what the file must contain under the General Product Safety Regulation (EU) 2023/988, section by section, so you can draft your own. For the bigger picture of what the regulation covers, start with what is GPSR.

What the law actually requires

The technical file lives in Article 9 of the GPSR, the part that sets out the obligations of manufacturers. If you are a private-label brand owner, you count as the manufacturer for this purpose. Before you place a product on the market, you have to run an internal risk analysis and write up technical documentation.

Article 9(2) says a compliant file must contain, at a minimum, three things:

1. A general description of the product. Its function, intended use, and the characteristics that matter for assessing safety.
2. An analysis of possible risks. A structured look at hazards: physical, chemical, flammability, and anything else relevant to the product.
3. The solutions you adopted. What you did to remove or reduce each risk, including any European harmonised standards you applied.

The European Commission's baseline draft template goes a little further and frames the file as something close to a Digital Product Passport. It expects you to track product identification (brand, name, model or batch or serial number, and clear pictures of the product and its packaging), characteristics and composition (a bill of materials listing the raw materials and components), and user information (copies of warning labels, safety pictograms, and instructions).

One more rule that catches people out: Article 9(7) requires the manufacturer to keep the technical documentation available to market surveillance authorities for ten years after the product is placed on the market. If you are outside the EU, your importer or Responsible Person holds it on your behalf, but the duty starts with you as the manufacturer of record. That is a long shelf life, so build the file to last.

The cost gap nobody warns you about

The reason this topic gets so much attention is money. Because GPSR puts the risk assessment burden directly on the seller, a market has sprung up around it, and the prices are steep. EU Responsible Person agencies often charge anywhere from €350 to $600 for a single custom risk assessment.

Sellers have noticed. One wrote on the FBA forum: "I was talking to a couple of EU companies and they said I should be doing my own risk assessment, and if they do it, they're charging me €350 per category!" Another reached the same conclusion: "I asked if they could review my risk assessment, and they said that would cost extra, charged per product category. What a bugger. So I decided to do my own risk assessment instead."

That instinct is correct. The risk analysis is yours to do, and you are legally allowed to do it yourself. Templates fill the gap between the Commission's generic draft and the expensive agency version. Sellers have praised third-party options like gpsrrisktemplate.com for including sample risks, dropdown logic, and pre-written warning labels across more than 15 product categories. One noted: "I ended up using a template from gpsrrisktemplate.com, super helpful for figuring out what warnings to include, and it's much clearer (and cheaper) than what some EU RP companies offer." Just remember the catch: no template is endorsed by surveillance authorities, and the legal liability stays with you if you fill it out wrong.

Filling each section without overthinking it

The steps above lay out the order. Here is the thinking behind the two sections that trip people up most.

The risk analysis is a record of your reasoning, not a lab report. One seller described the shape of it well: "you should start with a general risk assessment of the product and its intended use, taking into account consumer exposure to materials of fabrication during use." Then, as another put it, "you would list mitigations for any identified risks and how these would be measured and monitored." The goal is a document that, in their words, "shows the assessment and decision making to demonstrate that the product you put on the market complies with GPSR." Think about how a real person would use the item, and how they might misuse it. Our deeper risk assessment walkthrough shows how to structure it for low-risk goods.

The composition section depends on data you may not have. Private-label sellers and dropshippers run into a wall here: factories often refuse to share the bill of materials or chemical Safety Data Sheets, treating formulations as proprietary. One seller summed it up: "getting technical data from suppliers also is a nightmare sometimes." Push your supplier for the BOM in writing. If they will not share full chemical detail, document what you have, and lean harder on third-party test reports for the categories that need them.

Four traps that cause real penalties

Know which digital goods are in scope. Etsy sellers of PDF patterns and Canva templates keep asking the same thing: "How the heck do you provide safety info for digital files?" and "How do you certify a digital file is safe?" The reassuring answer for most of them: pure digital files like ebooks, PDF patterns, and image or print files are generally outside GPSR scope, so a Canva template or knitting pattern does not need a technical file. The contested case is standalone software and apps, where the EU has discussed cybersecurity and risks to minors. If you sell digital goods, see our note on GPSR for digital products.

A factory CE certificate is not your technical file. Plenty of Amazon sellers assume a Chinese supplier's generic CE certificate covers them. It does not. A CE mark declares conformity with specific standards; it is not the file, and it does not list your brand as the manufacturer of record. Platforms reject it for exactly that reason.

Low-risk does not mean no documentation. Sellers of posters, blank notebooks, and basic apparel often freeze, unsure whether they need to warn about a papercut from a greeting card. You do still need a file. You just write a short, honest risk analysis that says the hazards are minimal and explains why.

Handmade is not exempt. GPSR applies to every consumer product, Etsy crafts included. Artisans need to document materials and assess choking hazards, sharp edges, and flammability. See GPSR for handmade sellers if that is you.

Where the Responsible Person fits

The file is yours to draft, but if you sit outside the EU, your appointed Responsible Person is the one who holds it and answers the surveillance authority's questions. EUProof does not provide that service. What we do is generate the documents that go in the file, so you arrive at your Responsible Person with the paperwork already done instead of a blank template and a panic.

If you would rather not start from a generic spreadsheet, EUProof generates a GPSR technical file from a short product questionnaire, including the risk analysis and warning labels, plus a declaration of conformity where one is required. A formal Declaration of Conformity is only mandatory for products covered by specific EU harmonisation legislation, such as CE-marked toys or electronics. For GPSR-only goods it is a self-declaration that marketplaces often request, not a statutory requirement. You can see whether your products are in scope first with our am I affected check, or browse the document templates we produce.

This article is general guidance, not legal advice. Confirm your obligations with a qualified advisor or your Responsible Person.