Digital Product Passport··12 min read

Construction Products Need Lifecycle Tracking — Here's How

Featured image for Construction Products Need Lifecycle Tracking — Here's How

DPP for Construction Products: What UK Manufacturers Need to Know

Key Takeaways

  • The UK Building Safety Act 2022 mandates a "golden thread" of digital information for all higher-risk buildings (18m+ or 7+ storeys), requiring manufacturers to provide serialised, machine-readable product identities.
  • The EU's ESPR framework will require Digital Product Passports for construction products from 2028, covering insulation, cladding, structural steel, and concrete — with UK exporters to the EU subject to the same obligations.
  • A DPP for construction products must support multiple stakeholders simultaneously: installers, building managers, fire inspectors, insurers, and end-of-life recyclers — each needing role-appropriate data access.
  • Manufacturers who build digital product identity infrastructure now will gain commercial differentiation with specifiers, access to the remediation market, and a head start on ESPR compliance.

Seventy-two people died at Grenfell Tower because nobody could answer a simple question: what exactly was in the cladding system on that building, and had it been installed correctly?

Seven years on, the regulatory response to that failure is reshaping the entire construction products industry. The UK Building Safety Act 2022 introduced mandatory "golden thread" information requirements for higher-risk buildings (Department for Levelling Up, Housing and Communities, 2022). The EU's Ecodesign for Sustainable Products Regulation (ESPR) is advancing delegated acts that will require Digital Product Passports for construction products from 2028 onward. And the two regimes, while legally distinct, are converging on the same operational demand: every significant construction product must carry a permanent, machine-readable digital identity containing performance data, installation records, and full traceability back to the manufacturer.

For UK manufacturers of insulation, cladding, fire-stopping systems, structural steel, and concrete products, this is not a distant compliance exercise. The groundwork needs to be laid now.

What the Building Safety Act Actually Requires

The Building Safety Act 2022 requires manufacturers to provide structured, machine-readable product data for every item supplied to higher-risk buildings — defined as residential structures over 18 metres or seven storeys. The Act creates a statutory "golden thread of information": a complete, accessible digital record of every product decision made throughout a building's lifecycle. This golden thread is not a filing cabinet. It must be stored in a structured format, accessible to the Building Safety Regulator, accountable persons such as building owners or managers, and fire and rescue services during emergencies. For construction product manufacturers, four categories of data are mandated: unique product identification at serial or lot level (batch numbers alone are insufficient); verified performance data including fire ratings, structural classifications, and thermal certificates; installation records capturing who fitted the product, when, and where; and maintenance and inspection history for passive fire protection and structural elements. The Building Safety Regulator has been explicit that paper records stored on site do not satisfy this obligation — digital by default is the standard.

ESPR and the DPP Timeline for Construction

The EU's Ecodesign for Sustainable Products Regulation replaced the old Ecodesign Directive and grants the European Commission power to mandate Digital Product Passports for specific product categories via delegated acts. Construction products are firmly in scope. The Commission's indicative working plan places the first delegated acts for construction products between 2028 and 2030, with insulation materials and cladding systems — both directly linked to fire safety and energy performance — expected in the 2028 cohort. Structural steel, concrete admixtures, and building systems are likely to follow in subsequent phases. Each mandated DPP must include product classification and performance declarations, material composition and recyclability data, embodied carbon at product and batch level, end-of-life and deconstruction instructions, and links to third-party test certificates. The passport must be delivered via a GS1 Digital Link QR code and registered in the EU Product Passport Registry. For UK manufacturers supplying EU-based developers or contractors, ESPR compliance is a commercial prerequisite regardless of post-Brexit regulatory divergence.

DPP Data Requirements by Construction Product Type

What data must a Digital Product Passport contain for different construction materials? The answer varies significantly by product category because the risks, regulatory frameworks, and stakeholder needs differ across external cladding, insulation, passive fire protection, structural steel, and concrete. A cladding DPP must prioritise reaction-to-fire classification, wind load resistance, and installer certification; a structural steel DPP centres on grade, yield strength, and weld inspection records; a concrete DPP requires mix design references, compressive strength class, and pour location data. The table below maps mandatory and recommended fields against each major product type, drawing on current ESPR draft guidance for construction products and the Building Safety Act golden thread requirements. This data does not reside in a single system — product data sits with the manufacturer, installation data with the contractor, and inspection records with the building manager. The DPP is the mechanism that links all three layers across a product lifetime that, for structural elements, can span sixty to one hundred years.

Product Type Fire Performance Data Structural Ratings Installation Tracking Maintenance Records End-of-Life Data
External cladding systems Reaction to fire class (EN 13501), fire spread test results Wind load resistance, impact resistance Installer certification, fixing method, layer sequence Annual inspection status, any remediation Recyclability %, disassembly instructions
Insulation (PIR, mineral wool, EPS) Euroclass rating, smoke production class Compressive strength (if structural) Location in building, substrate type, fixing method Condition checks, moisture monitoring Recycled content %, take-back scheme
Passive fire protection (intumescent, firestopping) Fire resistance period (EI/EW/E), substrate compatibility N/A Gap size, penetration type, installer name and certification number Re-inspection date, any alterations Product-specific disposal guidance
Structural steel N/A (unless fireproofed) Grade (S275/S355), yield strength, section reference Fabricator, erector, weld inspection records Periodic structural surveys Steel recycled content (typically 90%+), scrap route
Ready-mix concrete Fire resistance class of finished element Compressive strength class (C25/30 etc.), exposure class Pour date, location, mix design reference, curing records Inspection/repair history Carbonation data, recycling suitability

This data does not live neatly in any single system. Product data sits with the manufacturer. Installation data sits with the contractor. Inspection records sit with the building manager or owner. The DPP is the mechanism that stitches these data layers together across the full product lifetime — which, for a structural element, could be 60 to 100 years.

Why QR-Based Identity Is the Right Answer for Construction

Why is a QR-based identity approach better suited to construction products than RFID or NFC? The answer lies in the physical realities of a building site: a paper QR label does not survive rain and concrete dust; an RFID chip cast into a floor slab becomes unreadable once buried; an NFC tag on external cladding degrades under UV exposure over decades. The most durable architecture combines two layers. First, a permanent physical carrier — an anodised aluminium, ceramic, or laser-etched polymer label fixed to the product or its installation point — bearing a GS1 Digital Link QR code that encodes the manufacturer's GTIN and a unique serial or batch identifier. Second, a cloud-resident DPP record linked to that identifier, holding all data that cannot be physically engraved: performance certificates, installation photos, inspection logs, and maintenance schedules. The GS1 Digital Link standard (ISO/IEC 18975) enables the same QR code to resolve differently depending on the scanning context — a building manager sees a maintenance dashboard, a fire inspector sees verified performance certificates, a recycler sees material composition data. The physical identity is permanent; the data record grows throughout the product's life.

This is exactly the infrastructure that BrandedMark provides out of the box. The platform issues serialised GS1 Digital Link QR codes, hosts the DPP data record, and controls access by stakeholder role — all without requiring manufacturers to build custom integrations. See how we handle industrial equipment identity at scale.

Multi-Stakeholder Access: Who Needs What

Who needs access to a construction product's DPP data, and what does each party actually require? Unlike a consumer electronics passport — which primarily serves the end customer — a construction product DPP must serve at least five distinct audiences across a building's lifetime. Installers and subcontractors need to confirm specifications at the point of fitting, capture installation photos, and log their certification credentials; they work in dusty, low-light conditions and need a fast, offline-capable mobile interface. Building managers and accountable persons need a consolidated building-level dashboard showing all installed products, upcoming maintenance requirements, and the ability to generate a golden thread report for the Building Safety Regulator without manually gathering records from dozens of contractors. Regulators and fire inspectors require verified, tamper-evident audit trails confirming that fire-rated products match approved specifications — not substituted items with a different classification. Insurers and valuers increasingly request golden thread data for EWS1 assessments and insurance renewals, needing summary performance data rather than raw records. Recyclers and demolition contractors need material composition and hazardous substance declarations to comply with waste regulations. A single underlying DPP data record, with role-appropriate access controls, is the only architecture that serves all five audiences efficiently.

Learn more about how field installers use connected product identity.

The Competitive Landscape

Which platforms are competing in the construction product DPP space, and how do they differ? Two specialists have positioned early. Cobuilder, Norwegian in origin and now operating across Europe, focuses on structured product data with strong integration into BIM workflows and the EU Construction Products Regulation; its strength is connecting manufacturer data to design-stage product selection. Protokol, UK-based, offers a flexible DPP platform spanning multiple sectors including construction, with capable QR-based delivery and data management tools. Both address parts of the compliance picture. Neither has yet built a manufacturer-facing platform that combines serialised physical identity issuance, post-installation lifecycle management, multi-stakeholder access controls, and built-in GS1 Digital Link compliance in a single no-code product. That gap is where BrandedMark operates. The construction vertical is a direct extension of infrastructure already proven in industrial equipment, PPE, and durable goods manufacturing — sectors that share construction's core challenges of harsh physical environments, long product lifespans, and multi-party data ownership.

The First-Mover Opportunity

What commercial advantage does a UK construction product manufacturer gain by implementing digital product identity infrastructure before ESPR delegated acts are enforced? The advantage operates on three dimensions. First, commercial differentiation: specifiers, architects, and main contractors are already requesting golden thread-compatible product data on higher-risk building projects; manufacturers who can deliver a QR-scannable DPP are winning specifications against competitors who cannot. Second, remediation market access: the UK external wall remediation programme involves replacing cladding systems on thousands of residential buildings, and products specified for remediation face intense provenance scrutiny — a robust DPP infrastructure is a prerequisite for competing in this market. Third, regulatory readiness: manufacturers with existing DPP infrastructure when ESPR delegated acts for construction products are formally adopted will face a data mapping exercise rather than a ground-up system build under deadline pressure. The implementation window before mandatory requirements arrive is a finite resource. Building infrastructure now converts what will become a compliance cost into a commercial asset.

Understand the full EU DPP registry requirements that will underpin construction product compliance.

Frequently Asked Questions

Does the Building Safety Act apply to products already installed in existing buildings?

The golden thread requirements under the Building Safety Act primarily apply to new higher-risk buildings and to major refurbishment projects on existing higher-risk buildings. However, the Act also introduced retrospective obligations for existing higher-risk buildings — accountable persons are required to prepare and maintain safety cases, which necessitates gathering information about the existing building fabric. For manufacturers, this creates an ongoing demand for product data even for products already installed, particularly where fire safety systems or cladding are under review.

When exactly will ESPR DPP requirements apply to construction products?

The European Commission's indicative timeline places the first delegated acts for construction products between 2028 and 2030, with energy-related products (including insulation) likely in the 2028 cohort. After a delegated act is adopted, manufacturers typically have 18 to 24 months before the requirement becomes mandatory. UK manufacturers exporting to the EU should plan for mandatory EU DPP compliance on key product lines by 2030 at the latest, and should treat 2027-2028 as the critical infrastructure build window.

How should construction product DPPs handle data that changes after installation — such as inspection results or maintenance records?

This is one of the genuinely novel challenges of construction DPPs compared to consumer product passports. The solution is to architect the DPP as an append-only record: the manufacturer populates the base product data at the point of manufacture, the installer appends installation records at the point of fitting, and the building manager or appointed inspector appends maintenance and inspection records over the product's lifetime. The underlying product identity (the QR code and its resolver) remains constant; the data record grows over time. Platforms like BrandedMark support this model through role-based data write permissions — each stakeholder can add records to a product's history without being able to alter records created by others.

What to Do Now

What should a construction product manufacturer do today to begin building DPP infrastructure? The starting point is not waiting for ESPR delegated acts — the Building Safety Act golden thread requirements are already in force for higher-risk buildings, and specifiers are already asking for QR-scannable product data. The practical first step is selecting two or three product lines most exposed to higher-risk building projects — typically fire-rated cladding, passive fire protection systems, or structural elements — and implementing serialised identity for those lines first. End-to-end setup, including label printing integration, GS1 Digital Link QR code issuance, and data platform configuration, takes three to six months from a standing start. Beginning with high-exposure lines allows manufacturers to prove the infrastructure before scaling across their full product range. From that foundation, extending to full ESPR DPP compliance as delegated acts arrive becomes an incremental data mapping exercise rather than a crisis response under regulatory deadline. BrandedMark provides the full stack — durable label formats, GS1 Digital Link issuance, cloud-resident data management, and multi-stakeholder access controls — in a single platform already proven in adjacent sectors facing the same physical durability and lifecycle complexity challenges.

See how BrandedMark handles this

Turn every post-purchase moment into an opportunity to build loyalty and drive revenue.

Join the Waitlist — It's Free

Related articles

Digital Product Passport·13 min read

What Is a Digital Product Passport? The Definitive Guide

Digital Product Passports are changing how physical products are made, sold, and recycled. Here's what they are, what data they require, and how to prepare.

Digital Product Passport·19 min read

Digital Product Passport for Textiles and Fashion

Textiles are among the first ESPR categories. Here's what Digital Product Passport compliance requires for clothing and footwear — and how to use it competitively.

Digital Product Passport·22 min read

Digital Product Passport for Electronics

Consumer electronics face some of the earliest EU Digital Product Passport deadlines. Here's what data you need, what the regulation requires, and how to comply in time.

Back to all posts