CE technical file and Declaration of Conformity

Author Hugues Orgitello Last updated 25 May 2026

CE · Pillar

The technical file is the safe deposit of conformity. It is what must prove, ten years after the last unit was produced, that conformity was properly assessed. A poorly constituted file is the leading cause of failure during market surveillance checks, ahead of actual product non-conformities.

Mandatory contents, common to all directives

All common electronic directives reuse a similar structure, inherited from Annex II of Decision 768/2008/EC. The file must contain at minimum:

A general description of the product, its characteristics, intended use and reasonably foreseeable use.
Design and manufacturing drawings, electrical schematics, mechanical drawings, PCB layouts, gerbers, BOM.
Descriptions and explanations necessary for understanding these drawings.
The list of harmonised standards applied, in whole or in part.
Where harmonised standards have not been applied, the solutions adopted and their justification.
The results of design calculations and examinations carried out.
Test reports, internal and external.
A signed copy of the EU Declaration of Conformity.
For the RED directive: a description of accessories, components and software enabling the equipment to operate as intended.

Directive-specific contents

EMC Directive (2014/30/EU)

Annex II adds:

A conformity assessment analysis specifying how the equipment meets the essential requirements, with corresponding calculations and tests.
Identification elements (brand, type, serial numbers for unique products).

LVD (2014/35/EU)

Annex IV also requires:

A risk analysis and assessment of electrical hazards.
A list of safety-critical components with their characteristics and own conformity evidence (e.g. VDE-certified transformers, certified Y capacitors, certified optocouplers).

RED (2014/53/EU)

Annex V is the most demanding:

Risk analysis covering Articles 3.1(a) health, 3.1(b) EMC, 3.2 spectrum, 3.3 where applicable.
Description of radio configurations: bands, modulations, powers, antennas.
For software-defined radio equipment, description of allowed hardware-software combinations and safeguards against unauthorised configurations.

RoHS (2011/65/EU)

Annex IV adds:

Product description and identification.
Documentation of each component and subassembly's compliance with substance limits. Supplier declarations under IEC 63000 are authoritative.
Manufacturing process documentation ensuring compliance with the limits.

Safety-critical components: what LVD expects

The LVD directive (2014/35/EU) requires the manufacturer to document components whose failure could compromise safety. For a 230 V AC connected electronic product, the typical list comprises:

Component	Expected test/certification	Typical reference
Isolation transformer	Individual certification	EN 61558-1 / -2-16
Primary-secondary isolation optocoupler	Individual certification	EN 60747-5-5
Y capacitor (Class Y1, Y2)	Individual certification	EN 60384-14
X capacitor (X1, X2)	Individual certification	EN 60384-14
MOV varistor	Certification	EN 61051-2
Fuse (slow or fast)	Certification	EN 60127
Power connector IEC C13/C14/C7/C8	Certification	IEC 60320
Power cord	HAR marking or equivalent	EN 50525
Lithium-ion battery	Individual test	IEC 62133-2
OEM switching power supply	Product certification	EN 62368-1
Filter inductor / choke	Certification or in-house test	Variable

For each component, the file must contain:

The datasheet (with date and revision).
The certificate of conformity issued by an accredited lab, dated and named.
The supplier RoHS declaration (per IEC 63000) with restricted substance declaration.
The REACH declaration if the component contains candidate-list substances above 0.1 % by mass.

The absence of these proofs for a single critical component invalidates the LVD file in practice. A routine audit almost systematically checks BOM-to-file consistency.

Risk analysis: method and deliverable

The LVD directive explicitly requires a risk analysis. RED article 3.1(a) also. The recommended methodology for electronic products is HBSE (Hazard-Based Safety Engineering) defined by EN 62368-1.

Risk analysis steps

Identification of energy sources present in the product:
- Electrical energy (ES1, ES2, ES3)
- Thermal energy (ETS1, ETS2, ETS3)
- Mechanical energy (MS1, MS2, MS3)
- Chemical energy (CS)
- Radiation (RS)
- Fire risk (PIS1, PIS2, PIS3)
Classification of each source per the standard's thresholds (for example: 30 V AC accessible = ES1, 60 V AC = ES2, 230 V AC = ES3).
Identification of exposed persons: ordinary user, instructed user, maintenance technician.
Choice of protection barriers appropriate to each source × person intersection:
- Functional, basic, supplementary, double, reinforced insulation
- Mechanical enclosure, clearance and creepage distances
- Warning symbols, manual
- Automatic cut-out devices
Verification of effectiveness of barriers by tests (dielectric strength, heating, accessibility).
Documentation of result in a formalised deliverable that becomes a piece of the technical file.

Typical deliverable

The risk analysis report typically runs 15 to 40 pages depending on product complexity. It contains:

Description of the product and its functions
Block diagram of energy sources
Cross-table source × person × barrier
Justification of each barrier choice
Reference to verification tests
Conclusion on conformity to essential requirements
Date, author, version, signature

Template structure for an IoT product

The file is not required to follow a particular structure, but experience shows a clear organisation saves time in audit. A proven model:

/technical-file
  /00-doc                    (signed DoC, scanned paper + PDF)
  /01-identification         (description, brand, type, photos)
  /02-risk-analysis          (LVD + RED 3.1, HBSE methodology)
  /03-design
    /electrical-schematics
    /mechanical-drawings
    /pcb-gerbers
    /bom
  /04-standards-applied      (referenced list with versions)
  /05-internal-tests
    /pre-tests-emc
    /pre-tests-radio
    /safety-tests
  /06-external-tests
    /lab-reports             (signed original PDFs)
  /07-critical-components    (datasheets, supplier certificates)
  /08-rohs-reach             (IEC 63000 supplier declarations)
  /09-user-documentation     (manual, labels, translations)
  /10-manufacturing-process  (quality, controls, traceability)
  /11-modifications          (revision history and impacts)
  /12-cybersecurity-red-3-3  (if applicable: EN 18031 evidence)

The revision history of point 11 is often neglected. Yet it is what demonstrates control of the product over time.

Critical components documentation (point 07)

For each critical component, a dedicated sub-folder:

/07-critical-components/
  /isolation-transformer-T1
    datasheet-rev3.pdf
    vde-cert-2023-12.pdf
    supplier-rohs-declaration.pdf
    reach-declaration.pdf
    incoming-quality-test-report.pdf
  /y2-capacitor-C12
    datasheet.pdf
    en-60384-14-cert.pdf
    rohs-declaration.pdf
  ...

User documentation (point 09)

The manual must be translated into the official languages of the Member States of placement. For France, French is mandatory; a multilingual manual is common practice. Typical content:

Product identification (model, manufacturer, EU representative)
Intended use and restrictions
Technical characteristics
Installation instructions
Use instructions
Safety warnings (from the risk analysis)
Maintenance and care
End-of-life disposal (WEEE marking)
Manufacturer and representative contact details
Simplified DoC with URL to full DoC (for RED, article 10(9))

The EU Declaration of Conformity

The DoC is the central legal document. It engages the responsibility of the signatory, typically the CEO, quality manager, or an explicitly authorised person. Its contents, defined by Annex IV of Decision 768/2008/EC, include:

A unique number (e.g. DoC-2026-001).
The name and address of the manufacturer or authorised representative.
Product identification, brand, type, model number, photo if relevant.
The commitment phrase: "This declaration of conformity is issued under the sole responsibility of the manufacturer."
Reference to applicable directives, with number and year (not a general designation).
The complete list of applied harmonised standards, with exact versions and amendments.
Where applicable, the Notified Body number and the nature of its intervention.
Name, position and signature of the signatory.
Place and date of signature.

The DoC must be available in an official language of the Member State where the product is placed on the market. For France: French is mandatory (a bilingual French-English copy is common and accepted).

Annotated complete example

Here is a typical DoC for a multi-directive Wi-Fi/BLE IoT sensor in Module A:

                EU DECLARATION OF CONFORMITY
                       No DoC-2026-001

We, [COMPANY NAME], located at [ADDRESS], declare under our sole
responsibility that the product:

    Designation:  Connected temperature sensor
    Model:        SP-CT-100
    Type / ref:   SP-CT-100-WB

is in conformity with the relevant Union harmonisation legislation:

    - Directive 2014/30/EU (EMC)
    - Directive 2014/35/EU (LVD)
    - Directive 2014/53/EU (RED)
    - Directive 2011/65/EU (RoHS)

The following harmonised standards or technical specifications have
been applied:

    EN 55032:2015/A11:2020
    EN 55035:2017/A11:2020
    EN IEC 61000-3-2:2019/A1:2021
    EN 61000-3-3:2013/A1:2019/A2:2021
    EN 62368-1:2020/A11:2020
    EN 300 328 V2.2.2 (2019-07)
    EN 301 489-1 V2.2.3 (2019-11)
    EN 301 489-17 V3.2.4 (2020-09)
    EN IEC 63000:2018

Signed for and on behalf of:  [COMPANY NAME]
                              [CITY], [DATE]

[NAME]
[POSITION]
[Signature]

Common DoC mistakes to avoid

DoC without unique number, each DoC must have a distinguishing identifier.
Standards cited without version or amendment, "EN 55032" alone is imprecise, must become "EN 55032:2015/A11:2020".
Date earlier than test reports it relies on, the DoC cannot be signed before reports are available.
Signatory without formal authorisation within the company, recommended power-of-delegation in writing.
Wrong directive version, use 2014/30/EU not the obsolete 2004/108/EC.
DoC in English only for a product sold in France.
Incomplete manufacturer address or absence of the European economic operator.

Simplified DoC per RED Article 10(9)

The RED directive authorises a simplified DoC that may be included in the user manual. Typical format:

The undersigned, [COMPANY NAME], declares that the radio equipment
type SP-CT-100 is in conformity with directive 2014/53/EU.

The full text of the EU declaration of conformity is available at
the following internet address: https://www.example.com/doc/SP-CT-100

This short form is practical for products where the full text does not fit in the printed manual. It must point to a publicly accessible full DoC (stable URL, no registration required).

Versioning, archival, retention

Locking by revision

Each major revision of the file must be locked by:

a timestamped electronic signature (PAdES, ETSI-standardised)
a SHA-256 hash of the complete file
a dated table of contents
a modification history (who changed what, when, why)

These elements allow proving, years later, that the file has not been modified retroactively.

Electronic vs paper archival

Paper: practical for the original DoC signature but heavy to retain 10 years, vulnerable to loss or fire.
Electronic: standard since 2020, simpler to duplicate and archive. Must use durable formats (PDF/A for final documents, source formats for design files).

The golden rule: keep both source files (Altium, KiCad, AutoCAD, etc.) and their signed PDF/A export. The former enable maintenance, the latter are legal proof.

Retention 10 years after the last unit

The technical file and DoC must be retained for 10 years from the placing on the market of the last unit of the product. Concretely, if a product is marketed from 2020 to 2024, the file must be available until 2034.

For a product with long commercial life (e.g. an industrial PLC produced for 15 years), retention potentially extends to 25 years from first unit. Tracing file revisions across product modifications becomes a subject in itself.

Distribution to the authorised representative

If the manufacturer is non-EU, the authorised representative established in the EU must be able to present the file to authorities on demand. Three archival practices:

Complete copy at the representative, simplest, costliest in synchronisation.
Secure remote access, the representative can retrieve the file within a short delay (≤ 48 h typically).
Index at the representative + full file at the manufacturer, suitable if the time-to-availability is acceptable to the authority.

The choice depends on the maturity of the manufacturer-representative relationship and the estimated audit risk.

Special case: multi-product, range, families

For a product range sharing the same architecture (e.g. temperature sensor in wired, Wi-Fi, BLE, LTE variants), two approaches:

One file per reference, heavier but simpler to maintain, clearer in audit.
One family file with per-variant annexes, more economical but demands rigorous documentation of differences and their impact on tests.

The family approach is accepted by the directives provided that:

variants share the same baseline risk assessment;
tests are either common to the whole family or redone per variant for affected aspects;
the DoC explicitly lists all covered variants;
modifications to one variant are tracked without affecting the others.

Sources & references

Annex II: Directive 2014/30/EU (EMC, technical file) , EUR-Lex eur-lex.europa.eu/eli/dir/2014/30/oj
Annex IV: Directive 2014/35/EU (LVD) , EUR-Lex eur-lex.europa.eu/eli/dir/2014/35/oj
Annex V: Directive 2014/53/EU (RED) , EUR-Lex eur-lex.europa.eu/eli/dir/2014/53/oj
IEC 63000: RoHS documentation , IEC webstore.iec.ch/publication/26710