The EU has a habit of announcing regulatory change well in advance and then watching companies scramble anyway. Regulation (EU) 2026/405 on detergents and surfactants is no exception. Signed on 11 February 2026, it replaces the 2004 framework and does something that goes well beyond updating ingredient lists or safety thresholds. It brings the detergents sector into the EU’s digital compliance era, anchored by a Digital Product Passport that is now a legal instrument, not a pilot or a recommendation.
The application date is 23 September 2029. That sounds distant. It is not. The period between now and then is an implementation phase, not a pause, and the infrastructure decisions made in 2026 and 2027 will determine how smooth or painful the final stretch is.
What the regulation actually changes
The 2004 detergents framework was built around physical labelling. Information lived on the pack. The new regulation keeps physical labelling but adds a structured digital channel on top of it, a Digital Product Passport (DPP) that must be accessible free of charge, without login, connected to a persistent unique product identifier, and available for ten years from the date the product is placed on the market.
This is not a label refresh. It is a shift in the fundamental model of how compliance information is stored, accessed, and verified. The DPP must be machine-readable, searchable, and transferable. It must be built on open standards. And it must be reachable through a data carrier that is physically present on the label or packaging, or on accompanying documents in bulk transport scenarios.
The regulation maps obligations across the supply chain. Manufacturers are the primary duty-holders, but importers and distributors also have defined responsibilities, including checks on labelling and digital information availability. For distance sales, the rules are explicit: online offers must display label information and provide either a copy of the data carrier or the unique product identifier, so the information is visible before purchase, not just after delivery.
How the Digital Product Passport works
Chapter V of the regulation creates the detergent-specific DPP framework. Before a detergent or end-user surfactant can be placed on the market, the responsible economic operator must create the passport, ensure it is accurate and up to date, and keep it accessible for the full ten-year period.
The passport is reached through a data carrier printed or otherwise physically present on the pack. That carrier links to a persistent, unique product identifier aligned with the ESPR rules on identifiers and data carriers. The logic here is deliberate: the detergent DPP is designed to be interoperable with the broader EU digital compliance architecture, including the Ecodesign for Sustainable Products Regulation and the EU’s central DPP registry.
Before placing a product on the market, the operator must upload the product’s unique product identifier and its unique operator identifier to that EU DPP registry. The registry returns a unique registration identifier. From 23 September 2029, or from the moment the interconnection with the EU Customs Single Window is operational (whichever comes later), customs authorities will use that registration identifier to verify products at the EU border. A scan at the border becomes a compliance check.
Where other EU law already requires a passport or data carrier access for the same product, the regulation expects a single DPP and a single data carrier. No duplication, no parallel systems running separately.
The digital label: related but not the same thing
Alongside the DPP, the regulation introduces a digital label. The two serve different purposes and it is worth keeping them clearly distinct.
The digital label governs how certain information is presented digitally to end-users. It must be accessible via the same data carrier as the DPP, searchable, compatible with widely used technologies, available across the EU, and maintained for ten years. If the digital label is temporarily unavailable, operators must be able to provide the information by other means on request.
The DPP, by contrast, is the structured dataset that supports regulatory transparency and enforcement. It is what authorities query. It is the layer that customs checks, that market surveillance uses, and that the Commission can access according to the rights defined in the regulation.
In a well-designed deployment, the two align: the consumer-facing content and the authority-facing data tell the same story, accessed through the same carrier, served from the same underlying source. Getting there requires deliberate architecture, not two separate workflows bolted together at the last minute.
Privacy, access rights, and what operators cannot do
The regulation includes privacy and security requirements that are easy to overlook in the compliance conversation but matter operationally. Operators must not track usage of the online passport beyond what is strictly necessary to provide it. Personal data cannot be stored in the passport without explicit consent.
Access rights are tiered. Consumers, economic operators, national authorities, customs, and the Commission each access the passport according to their respective permissions, but all of them do so free of charge and without registration requirements. Designing that access architecture correctly from the start is significantly easier than retrofitting it later.
The Commission will issue implementing acts that specify data carrier layout and positioning, the standards to be used, access rights in detail, and which actors may update which data fields. Tracking those acts as they emerge is part of the implementation work, not a post-2029 concern.
Transitional arrangements and what they do not excuse
The regulation enters into force twenty days after publication in the Official Journal. Most provisions apply from 23 September 2029. Transitional provisions allow certain products that comply with the old regime to remain on the market until 23 September 2030, providing a runway for conversion rather than an overnight cutoff.
What the transitional arrangements do not provide is a reason to delay planning. The registry must be populated before products are placed on the market. The data carrier must be present on physical packaging, which means it needs to be designed and integrated into packaging production well before the product ships. Formulation changes, safety updates, and classification changes must flow through to the DPP reliably and promptly, which means update workflows need to exist before the passport goes live, not after.
Companies that treat 2029 as the starting line will find themselves working backwards from a deadline with infrastructure gaps that take months to close.
Why this matters beyond the detergents sector
Detergents are not an isolated case. They join toys, construction products, and other sectors already moving toward passport-based compliance under EU product law. The explicit interoperability between the detergent DPP, the ESPR system, the central registry, and customs is a signal about where EU product regulation is heading as a whole.
The direction is a single, standardised, scannable entry point that works simultaneously for consumers reading ingredient information, for online marketplaces verifying listings before purchase, and for border authorities checking imports at speed. For any organisation managing product data across multiple categories or markets, the detergent DPP is a practical preview of the broader model.
What does operational readiness actually look like?
Getting ready for the detergent DPP is a data and infrastructure problem before it is a compliance problem. The practical steps follow a clear logic.
Assign ownership for the DPP dataset and map each required field to an authoritative source system. That source of truth needs to be maintained, not just populated once. Build update workflows that trigger automatically when formulations, safety classifications, or regulatory information change. Design the data carrier strategy early so it remains visible on pack and in distance sales environments throughout the product lifecycle.
Prepare to upload identifiers to the EU registry before placing products on the market, and to present the unique registration identifier at import from 2029 onwards. Align privacy and access control practices with the regulation’s requirements from the design phase, not as a late-stage review.
And track the Commission’s implementing acts. They will define the specifics: carrier positioning, technical standards, field-level update permissions. Those details matter for anyone building the underlying infrastructure.
Is the detergent DPP a preview of what comes next?
For organisations operating across EU product categories, it almost certainly is. The policy logic driving the detergent DPP is the same one shaping battery passports, textile passports, and the ESPR framework more broadly. Move critical information into a structured, interoperable digital channel. Make it checkable at speed. Make it available online and at the border.
Companies that invest now in passport-ready data architecture, persistent identifiers, and reliable data carrier design will not only be ready for detergents by 2029. They will be better positioned for the broader shift to digital compliance that is already underway across EU product law.
The regulation is signed. The date is set. What happens between now and September 2029 is a choice.
