PROFESSIONAL PACKDir. 2014/53/EU + Del. Reg. 2022/30Buy pack — €999
LIVEEnforcement tracker · Deadline dashboard · Transposition status — Updated weekly from EUR-Lex, Safety Gate, OEIL & 12 official sourcesView regulatory intelligence →

Art. 3(3) cybersecurity documentation is a new compliance layer. Every connected product on the EU market needs it. Each dossier takes 15 hours manually. With 70 licenses, each one takes 20 minutes.

You are a compliance professional, a regulatory consultancy, or a technical service provider. Delegated Regulation (EU) 2022/30 activated the cybersecurity requirements of Article 3(3)(d), (e), and (f) of Directive 2014/53/EU on 1 August 2025. Every internet-connected radio product needs documentation covering network protection, data privacy, and fraud prevention. This is a new service line — and the clients are already asking. REDCheck Professional Pack: 70 licenses, €999 one-time. 8 structured PDF documents per product. Generated in your browser in 20 minutes.

Buy pack — €999See what each dossier includes

€999 · One-time · 70 dossiers · 8 PDFs each · Your data never leaves your browser

Built on Directive 2014/53/EU + Delegated Regulation (EU) 2022/30 · Art. 3(3)(d)(e)(f) mapped · Annex V technical documentation · EU Declaration of Conformity (Annex VI) · 100% browser-side — GDPR-native

The numbers that matter for a documentation service

Art. 3(3) cybersecurity documentation is a repeatable, structured deliverable. The regulation defines what goes in. The tool produces it. The professional delivers it to the client and invoices for the service.

70
Dossiers per pack. One license per product per manufacturer. Independent activation.
20 min
Per dossier — vs 10-20 hours of manual drafting for cybersecurity documentation.
8 PDFs
Per product. Scope analysis, Art. 3(3)(d)(e)(f) assessments, technical documentation, DoC, CE marking guidance.

Who uses the professional pack

REDCheck Professional Pack is built for any professional who wants to offer Art. 3(3) cybersecurity documentation as a structured, scalable service to manufacturers and importers of connected products.

📋
Regulatory compliance consultancies
Adding RED cybersecurity documentation to existing compliance service portfolios for electronics manufacturers.
🏷️
CE marking and product conformity firms
Extending RED, EMC, and LVD practices to cover the new Art. 3(3)(d)(e)(f) cybersecurity requirements.
🔐
Cybersecurity and IoT security firms
Complementing penetration testing and security assessments with structured regulatory documentation.
🌍
Trade and import compliance advisors
Helping importers meet Article 12 obligations — verifying that manufacturers have cybersecurity documentation.

What documenting 70 clients costs — with and without the pack

Without the pack
€63,000+
Manual drafting: 70 clients × 15h × €60-120/h of senior staff time
Or outsource to a specialist consultant:
70 clients × €800-2,000 = €56,000-€140,000

Or enterprise compliance platform:
€5,000-15,000/year + onboarding + integration
✓ REDCheck Professional Pack
€999
One payment. 70 dossiers. 20 minutes each.
Total time: 70 × 20 min = ~23 hours
No subscription. No vendor dependency.
No deep radio engineering expertise required.

What this pack actually changes in your practice

Three inputs. Four answers. No signup required.

One license per product
Current time without the tool
Internal cost — not billing rate
×45
Capacity multiplier
Same person. Same hours. More output.
440h
Hours returned to advisory work
Time that goes back to billable engagements
€54,000
Cost of doing it manually
Professional time — documentation alone
First dossier delivered the same day. No setup. No onboarding. No integration project.
Ready on day one
Buy pack — €999
€999 one-time · No subscription · No vendor dependency · Enterprise SaaS alternative: €15,000–30,000/year + weeks of setup

What each dossier includes: 8 structured documents

Every license generates a complete Art. 3(3) cybersecurity documentation package for one product. Each document cites the specific article of Directive 2014/53/EU and Delegated Regulation (EU) 2022/30 it addresses.

1

Product Scope Analysis

Classification per Delegated Regulation (EU) 2022/30: internet-connected, childcare, toy, wearable, payment-capable. Determines which Art. 3(3) requirements apply.

2

Art. 3(3)(d) Network Protection Assessment

Assessment demonstrating the product does not harm the network or its functioning nor misuse network resources. Article 3(3)(d) of Directive 2014/53/EU.

3

Art. 3(3)(e) Privacy & Data Protection Assessment

Safeguards for the protection of personal data and privacy of the user and of the subscriber. Article 3(3)(e) of Directive 2014/53/EU.

4

Art. 3(3)(f) Fraud Protection Assessment

Features ensuring protection from fraud for devices enabling transfer of money, monetary value, or virtual currency. Article 3(3)(f) of Directive 2014/53/EU.

5

Technical Documentation Package

Per Annex V of Directive 2014/53/EU. Product description, design, cybersecurity measures, conformity assessment references.

6

Conformity Assessment Route Analysis

Module determination per Article 17(3) or 17(4) of Directive 2014/53/EU for the applicable Art. 3(3) cybersecurity requirements.

7

EU Declaration of Conformity

Per Annex VI. Manufacturer identification, product identification, applicable requirements, conformity assessment reference. Article 18.

8

CE Marking Guidance Sheet

Printable reference with CE marking requirements, manufacturer contact, applicable Art. 3(3) requirements. Articles 19 and 20.

See before you buy — Download sample dossier (PDF, fictional company) — Real structure, real articles, real format. Fictional data.

How it works — four steps

1
Buy the pack
70 license codes delivered by email via Gumroad. One payment. No subscription.
2
Activate a license
Each license has its own code. Activate when needed. 30-day editing window per license from first activation.
3
Generate the dossier
15-20 minutes. Guided form with references to every article. The client does not need access to the tool.
4
Deliver to the client
8 PDFs in a ZIP file. Structured, article-by-article. Ready for market surveillance inspection or procurement. Invoice the client for the service.

Three mistakes that cost compliance firms time and clients

Pattern 1 — Drafting each Art. 3(3) dossier from scratch

The bottleneck is production capacity, not expertise

A senior consultant who spends 15 hours on each cybersecurity dossier can handle 4-5 clients per month. With 30+ clients waiting, the backlog grows faster than the firm can process. The knowledge is there — the production method is not scalable.

Pattern 2 — Using generic templates that do not map to Article 3(3)

Art. 3(3)(d), (e), and (f) have specific, separate requirements

Network protection (d), privacy safeguards (e), and fraud prevention (f) are three distinct requirements. A generic cybersecurity checklist or ISO 27001 template does not trace back to these specific articles. Market surveillance authorities expect documentation that references the Directive directly.

Pattern 3 — Not offering Art. 3(3) documentation as a service

The competitor who offers it will take the full compliance engagement

A client who needs Art. 3(3) cybersecurity documentation and cannot get it from the current compliance provider will look for one who can. That new provider will offer to handle everything — RED, EMC, LVD, and cybersecurity. The client leaves not because of quality, but because of coverage.

Documentation and implementation: two layers

● LAYER 1 — What REDCheck does

Art. 3(3) cybersecurity documentation

8 structured PDF documents per product. Network protection, privacy safeguards, fraud protection assessments, technical documentation, Declaration of Conformity, CE marking guidance. Generated from input data in 20 minutes. Article-by-article traceability to Directive 2014/53/EU and Delegated Regulation (EU) 2022/30.

∅ LAYER 2 — What REDCheck does not do

Product security implementation and radio testing

Radio frequency testing, encryption implementation, firmware security hardening, penetration testing, protocol analysis, SBOM generation. These are implementation-level services. REDCheck documents the cybersecurity posture — it does not create it.

REDCheck structures and documents. The professional advises and implements. The two layers complement each other — the documentation is the deliverable, the advisory is the value.

What your clients face without documentation

These are the consequences under Directive 2014/53/EU. This is the argument when a client questions whether Art. 3(3) documentation is truly necessary.

🇪🇺
Product withdrawal or recall by market surveillance
Market access blocked

Article 40 of Directive 2014/53/EU. Market surveillance authorities can require corrective measures, withdrawal from the market, or product recall if documentation is insufficient.

🇪🇺
Prohibition of market availability for formal non-compliance
Sales suspended EU-wide

Article 43. Covers failure to produce technical documentation (Annex V), missing or incorrect EU Declaration of Conformity, and non-compliant CE marking.

🇪🇺
National penalties including criminal sanctions
Effective, proportionate, dissuasive

Article 46. Member States impose penalties for infringement of the Directive, which may include criminal penalties for serious infringements.

The clients face these consequences. The professional offers the documentation that prevents them.

Alternatives for documenting 70 clients

OptionCost for 70 clientsTotal timeOutput quality
Manual drafting (Word templates)Professional time only1,050+ hoursVariable, no Art. 3(3)-specific structure
Outsource to specialist consultant€56,000–€140,000Depends on providerHigh, but cost-prohibitive at scale
Enterprise compliance platform€5,000–€15,000/year2-4 weeks setupHigh, requires integration
REDCheck Professional Pack€999 (one-time)~23 hours totalStructured, Art. 3(3), article-by-article

What REDCheck guarantees and what it does not

REDCheck generates a structured documentation package according to Article 3(3)(d), (e), and (f) of Directive 2014/53/EU and Delegated Regulation (EU) 2022/30 from the information that the user enters. The truthfulness, accuracy and completeness of that information is the responsibility of the manufacturer — or of the professional entering data on their behalf.

We guarantee that the document structure follows Article 3(3) of Directive 2014/53/EU, Annex V for technical documentation, and Annex VI for the Declaration of Conformity, and that the legal references cited are correct as of the latest verification date. We do not guarantee that a specific document will be accepted by a market surveillance authority in a specific case, nor by a commercial buyer in a procurement process.

REDCheck is not legal advice. For specific situations, consult a lawyer or specialised regulatory consultancy.

Frequently asked questions — professional pack

How do the 70 licenses work?
Each license is activated with a unique code and is associated with one specific product and manufacturer. One license equals one Art. 3(3) cybersecurity technical documentation dossier. The 70 licenses are used independently. They do not expire as a block — each one has its own 30-day editing window from its individual first activation.
Can I request a refund?
The pack is a digital product governed by Article 16(m) of Directive (EU) 2011/83 on consumer rights. By activating the first license and expressly confirming PDF generation, the buyer consents to the downloadable digital content nature of the product and waives the right of withdrawal. Refunds are accepted only for reproducible technical failures (generator error, PDF that does not download, verifiable bug) within 14 calendar days of purchase.
What if the regulation changes?
Unused licenses will generate the dossier using the updated version of the generator at no additional cost. REDCheck is updated within 48 hours of any regulatory change published in the Official Journal of the European Union.
Do I need legal expertise to use the tool?
No. The generator guides step by step with references to each article of Directive 2014/53/EU and Delegated Regulation (EU) 2022/30. The user enters the product data — manufacturer details, product description, connectivity type, security features, data processing capabilities. The tool structures the dossier according to Article 3(3)(d), (e), and (f) and Annex V. It does not replace legal advice but reduces documentation time from hours to minutes.
How do I position Art. 3(3) documentation as a service line for clients who already have CE marking?
Delegated Regulation (EU) 2022/30 activated cybersecurity requirements that are separate from the EMC, safety, and radio spectrum requirements already covered by existing CE marking. A product can be fully compliant with the traditional RED requirements and still lack Art. 3(3)(d), (e), and (f) documentation. The service is positioned as an additional compliance layer — not a replacement of existing documentation, but a new requirement that existing documentation does not cover. Clients who already have CE marking understand the documentation process; the message is that a new layer has been added, and it needs its own technical file.
Can I generate the dossier using data my client provides, without them accessing the tool?
Yes. Each license is independent. The professional activates a license, enters the product data provided by the client, and generates the documentation. The client does not need access to REDCheck. The output is a ZIP file with 8 structured PDFs that the professional delivers as part of the compliance service.

Official legal sources

Directive 2014/53/EU — Radio Equipment Directive (EUR-Lex) Commission Delegated Regulation (EU) 2022/30 — Cybersecurity requirements for radio equipment (EUR-Lex)
⚠️ Important notice: REDCheck is a self-assessment documentation tool, not legal advice and not a third-party audit. The documents are generated from your input data. You are responsible for the accuracy of the data you provide. REDCheck does not replace a qualified professional assessment.

Art. 3(3) cybersecurity requirements are already in force. Your clients manufacture or import connected products. The question is whether you offer the documentation service — or another firm does.

70 licenses. 8 PDF documents per product. Art. 3(3)(d)(e)(f) structure. Browser-side. One payment.

€999 one-time
70 dossiers · 20 minutes per client · One payment · Directive 2014/53/EU + Del. Reg. (EU) 2022/30
Buy REDCheck Professional Pack — €999

Related

PROFESSIONAL PACK

RED cybersecurity documentation tool for Amazon and marketplace agencies
PROFESSIONAL PACK

RED cybersecurity documentation tool for import compliance advisors
INDIVIDUAL LICENSE

REDCheck — single license from €99