Reg (EU) 2024/2847Generate dossier — €149
LIVE — Enforcement tracker · Deadline dashboard · Transposition status — Updated weekly from EUR-Lex, Safety Gate, OEIL & 12 official sourcesView regulatory intelligence →

Your robot vacuum maps the floor plan of every European home it enters. It connects to WiFi, streams data to a companion app and receives firmware updates over the air. Under Article 2.1 of Regulation (EU) 2024/2847, it is a product with digital elements. If it has a camera that can be used for home monitoring, Annex III point 17 may classify it as Important Class I. CRACheck generates the Annex VII documentation.

Robot vacuums collect home layout data, movement patterns and, in camera-equipped models, images of the interior. A cybersecurity breach does not just affect the appliance — it exposes the physical layout of the owner's home. European consumers and data protection authorities are acutely aware of this risk. Regulation (EU) 2024/2847 requires technical documentation under Annex VII covering how you protect this data. CRACheck generates 8 PDF documents. 15-25 minutes. €149 per product model. Browser-side — home layout mapping architectures stay on your device.

Generate CRA dossier — €149Free: check your product classification

€149 one-time · 8-document ZIP · 15-25 minutes · Browser-side

Regulation (EU) 2024/2847 · Art. 31 + Annex VII · 8 documents · 100% browser-side

Key numbers

Home data
Robot vacuums collect floor plans, movement patterns, camera images. Annex I requires data protection.
Default / Class I
Without camera = typically Default. With camera for home monitoring = may be Class I (Annex III.17).
€149
Per appliance model. CRA documentation covering WiFi, camera, LIDAR, cloud and companion app.

CRA documentation for a Chinese smart appliance manufacturer

Every smart appliance in a European home needs CRA documentation. Start with your best-seller.

1
Classify your product
Robot vacuum without camera: Default. Robot vacuum with camera that can monitor the home: may be Class I. Smart air purifier, coffee machine: Default if no security functionality. Use CRACheck classifier.
2
Map data collected
LIDAR floor maps, camera images, WiFi network name, usage patterns, scheduling data, companion app credentials, voice commands (if applicable).
3
Generate CRA dossier
Enter product specifications into CRACheck. 15-25 minutes per model.
4
Review data protection documentation
Annex I Part I point 1(c) requires confidentiality of stored, transmitted and processed data. Annex I Part I point 1(f) requires data minimisation. Document both.
5
Deliver to EU retailers and distributors
MediaMarkt, Amazon, Fnac and EU smart home distributors will require CRA documentation.

Every smart appliance in a European home needs CRA documentation. Start with your best-seller.

Smart appliance CRA mistakes

ANNEX I, PART I, 1(f)

Our robot vacuum collects home data for mapping — that is its function, not a security issue

Annex I Part I point 1(f) of Regulation (EU) 2024/2847 requires products to minimise the processing of personal or other data to the minimum necessary for the intended purpose. Collecting a detailed 3D floor map, storing it in the cloud indefinitely and making it accessible via an API goes beyond the minimum necessary for vacuum navigation. Document your data minimisation approach.

ANNEX III.17

Our vacuum has a camera but it is for obstacle avoidance — not security monitoring

The classification depends on how the product is marketed and what it can reasonably be used for. If your companion app allows the user to view the live camera feed remotely, the camera functions as home monitoring regardless of its primary purpose. Market surveillance authorities may classify it under Annex III point 17. Document conservatively.

ART. 13.5

We use a third-party LIDAR module — their security is their problem

Article 13.5 requires due diligence on third-party components. If the LIDAR module processes spatial data and transmits it to your main processor, you must ensure the data pipeline is secure. The LIDAR vendor's security posture affects your product's cybersecurity. Document the integration.

What each CRACheck dossier contains: 8 documents

Smart appliances combine physical function with digital connectivity. CRACheck generates 8 documents covering the cybersecurity of the digital layer.

1

Product Classifier

Determines product category per Annex III. Defines conformity assessment route under Art. 32.

2

Technical Documentation

Complete technical documentation structured per Art. 31 and Annex VII. All 8 mandatory sections.

3

Risk Assessment

Cybersecurity risk assessment per Art. 13.2 and Art. 13.3. Mapped against Annex I Part I requirements.

4

User Information

Information and instructions per Annex II. Security properties, support period, vulnerability reporting.

5

Declaration of Conformity

EU declaration of conformity per Art. 28 and Annex V.

6

CVD Policy

Coordinated Vulnerability Disclosure policy per Annex I Part II.

7

ENISA Notification Template

Pre-structured for 24h early warning, 72h notification, 14-day final report under Art. 14.

8

Obligations Calendar

Key dates: Art. 14 from 11 Sep 2026, full enforcement 11 Dec 2027, support period per Art. 13.8.

Mira antes de comprar — Descargar dossier de muestra (PDF, empresa ficticia) — Estructura real, artículos reales, formato real. Datos ficticios.

Generated in your browser. No product data is transmitted to any server.

What you pay for smart appliance CRA documentation

🧾 SMART HOME PRODUCT COMPLIANCE CONSULTANCY
€8,000–€18,000
Per product family. 3-6 months.
✓ Last regulatory check: 1 May 2026 · No substantive changes detected · View history