Description

Adopted data protection regulation in General Product Safety Regulation (GPSR)

On 25 April 2023, the Council adopted the new General Product Safety Regulation (GPSR), which establishes a wide-ranging legal framework for ensuring the safety of non-food consumer products – items designed for consumer use or those reasonably expected to be used by consumers. Its specific focus is to address safety challenges stemming from novel technologies and the landscape of online selling. Included within the GPSR are stipulations for data protection. In particular, the GPSR stipulates that economic operators and online marketplace providers with product registration systems or loyalty schemes allowing identification of products purchased by customers will have to offer a distinct option for customers to provide contact details solely for safety-related communication. This personal data collection will have to be limited to the minimum necessary and solely used to contact consumers during recalls or safety alerts. Similarly, in the case of complaints, the register of complaints will have to only retain essential personal data for importers to investigate alleged hazardous product concerns. This data will be stored for the necessary investigation duration, up to a maximum of five years after entry.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Data protection regulation
Regulated Economic Activity
cross-cutting
Implementation Level
supranational
Government Branch
executive
Government Body
central government

Complete timeline of this policy change

Hide details
2021-06-30
under deliberation

On 30 June 2021, the European Commission introduced the General Product Safety Regulation (GPSR). I…

2023-04-25
adopted

On 25 April 2023, the Council adopted the new General Product Safety Regulation (GPSR), which estab…

2024-12-13
in force

On 13 December 2024, the General Product Safety Regulation (GPSR) came into force, which establishe…