The support period is not a suggestion. Article 13(8) sets a floor: five years from the date you place the product on the market. If your product is expected to be in use for longer than five years, the support period must match that expected use time. During this period, Part II, point (2) of Annex I requires you to address and remediate vulnerabilities without delay. Part II, point (8) requires security updates to be disseminated free of charge. The rationale for how you set the support period must be part of your Annex VII technical documentation. CRACheck generates the documentation structure that captures this rationale alongside the other seven mandatory elements. €149, 15–25 minutes, one-time.
€149 one-time · 8-document ZIP · 15–25 minutes · Browser-side
You enter your product data. CRACheck structures the documentation per Article 31 + Annex VII.
Article 13(8), second subparagraph, is clear: if your product is expected to be in use for longer than five years, the support period must match that expected use time. Setting it at five for a product with a ten-year lifecycle is a documentation gap that market surveillance authorities can challenge.
Part II, point (8) of Annex I requires security updates to be disseminated free of charge during the support period, "unless otherwise agreed between a manufacturer and a business user in relation to a tailor-made product." For standard products, security updates must be free.
Annex VII, point (4) specifically requires the technical documentation to include the relevant information taken into account to determine the support period. A support period stated without rationale does not meet this requirement.
8 PDF documents generated from your data. Each cites the specific article of Regulation (EU) 2024/2847 it complies with.
Sets the product category, which may inform support period expectations. Industrial IoT may face longer expected use times than consumer electronics.
Annex VII, point (4) section specifically structured to capture the support period rationale: expected product lifecycle, user expectations, component support periods, and the resulting determination.
Part I of Annex I requirements include ongoing availability and update mechanisms. The risk assessment must consider threats over the full support period.
Annex II, point 7 requires the product to be accompanied by information about the support period end-date and the type of technical security support offered.
Per Article 28 and Annex V. The support period commitment is part of the overall conformity context.
Must be operational for the entire support period. Part II, point (5) of Annex I requires a policy, not a temporary arrangement.
Article 14 reporting obligations apply throughout the support period, not just at launch. Art. 14(2): early warning within 24h, notification within 72h, final report within 14 days.
Maps your support period start and end dates, security update retention milestones (10 years per Article 13(9)), and ENISA reporting activation.
Mira antes de comprar — Descargar dossier de muestra (PDF, empresa ficticia) — Estructura real, artículos reales, formato real. Datos ficticios.
Generated from your data, in your browser. No data leaves your device.
CRACheck captures the factors behind your support period determination and embeds them in the technical documentation per Annex VII. It also structures the CVD policy, ENISA template, and user information (Annex II, point 7) around the support period timeline.
CRACheck does not build your OTA update infrastructure. It does not staff your vulnerability response team. It does not run security tests per Part II, point (3) of Annex I. The support period is an operational commitment that the documentation records but does not fulfill.
The documentation says "we commit to five years of support." Your engineering team delivers on that commitment. Both layers must exist.
Article 64 of Regulation (EU) 2024/2847.
Failure to handle vulnerabilities per Part II of Annex I during the support period.
Failure to document the support period rationale per Annex VII, point (4) and Article 31.
Providing misleading information about the support period.
| Criterion | No support period defined | 1-year warranty only | Consultant lifecycle plan | CRACheck |
|---|---|---|---|---|
| Art. 13(8) compliance | Non-compliant | Non-compliant (below 5-year min) | Compliant, but €5K–€10K | Compliant, €149 |
| Annex VII, point (4) rationale | Missing | Missing | Custom report | Structured, integrated |
| Time to document | N/A | N/A | 4–8 weeks | 15–25 minutes |
| Regulation update handling | Not tracked | Not tracked | New engagement | Free regeneration |
Each product may have a different expected lifecycle. CRACheck generates independent documentation with product-specific support period rationale. Pack of 10: €99/product.
Request Volume PricingCRACheck generates a structured document based on Article 31 and Annex VII of Regulation (EU) 2024/2847 from the data you input, including the support period rationale per Annex VII, point (4). You are responsible for the accuracy and reasonableness of the factors you declare.
We guarantee that the document structure follows Article 31 and Annex VII and that all cited legal references are correct. We do not guarantee that a market surveillance authority will accept your support period determination in a specific case.
CRACheck is not legal advice. For product lifecycle and contractual support period questions, consult a specialised advisor.
Eight documents. Article 31 + Annex VII fully structured. Regulation (EU) 2024/2847. Your data stays on your device. The ZIP you download is yours forever.