Supplier Data Collection

The hardest part of DPP compliance, fully automated

Supplier data collection is where DPP projects stall. You need material composition, carbon data, certificates, facility information, and compliance declarations from dozens of suppliers — many of whom have never heard of a Digital Product Passport. The platform automates the entire workflow: import suppliers, match them to products, send structured data requests, and validate responses with AI.

Intelligent product-supplier matching

The AI matches products to suppliers using multiple signals. Category-based matching compares GS1 GPC classifications — products categorised as “Puffer Jackets” match to outerwear manufacturers with a confidence score of 0.8. Name and context matching fills gaps where categories alone do not resolve, scored at 0.6 and flagged for human review. You can also upload an existing mapping spreadsheet from your ERP. Every match is presented for review. The AI never creates mappings silently.

A portal suppliers actually want to use

Each data request generates a secure, token-based link. No supplier account required. Suppliers click the link and start immediately. A Gemini-powered assistant greets them in their own language — auto-detected — and explains what data is needed and why, in plain, non-technical terms. Suppliers upload documents in any format: PDF, Excel, Word, images, CSV. The AI extracts structured data automatically. Certificates become standard names, issuing bodies, and expiry dates. Carbon reports become Scope 1/2/3 emissions. Material specs become fibre content, origin, and recycled percentages. When all required fields are extracted, the request auto-completes.

Full visibility, end-to-end

Track every request from sent to submitted. See what each supplier has uploaded, what data has been extracted, and what is still missing. The compliance assistant flags expired certificates, incomplete material breakdowns, and missing REACH declarations. It suggests specific follow-up questions for suppliers with gaps. All validated data flows directly into the DPP data model with full provenance — which supplier provided it, from which document, against which request, and when.

What supplier data is required for DPP compliance?

The EU Digital Product Passport under ESPR 2024/1781 requires supply chain transparency across multiple data categories. The specific data you need from suppliers depends on your product type, but typically includes:

• Material composition / Bill of Materials — Fibre content, percentages, origin country, recycled content, CAS numbers for substances of concern
• Carbon and environmental data — Scope 1, 2, and 3 emissions, water consumption, energy use, methodology (e.g., GHG Protocol)
• Certificates and standards — ISO 14001, OEKO-TEX, GOTS, BSCI, organic certifications, fair trade
• Factory and facility information — Facility name, tier (1 through 4), role, address, GPS coordinates, GLN (Global Location Number)
• Compliance declarations — REACH, RoHS, regulatory declarations with reference numbers and validity periods
• Test reports — Durability, performance, and safety tests with laboratory provenance

The platform’s AI research assistant can tell you exactly which data categories apply to your specific products based on the EPRS framework and relevant delegated acts. The DPP data model maps every supplier data point to its corresponding DPP category.

How does the supplier portal work?

Each data request generates a 32-byte cryptographic secure token and a 30-day expiry link. Suppliers receive an automated email with a direct portal link. No account creation required. No login credentials. Suppliers click the link and start immediately.

Inside the portal, a Gemini-powered AI assistant greets the supplier and explains what data is needed and why. The assistant auto-detects the supplier’s language. A Japanese supplier sees Japanese. A Turkish supplier sees Turkish. The tone is conversational and non-technical, designed for suppliers who may have no familiarity with DPP regulations.

Suppliers upload documents in any format: PDF, Word, Excel, CSV, images, or ZIP archives (up to 10 MB per file). The AI analyses each document and extracts structured data into the appropriate fields:

A single uploaded document, such as a factory-wide ISO 14001 certificate, is automatically applied across all relevant requests from the same brand. When the AI determines all required fields have been extracted, the request auto-completes. If data is incomplete, the AI tells the supplier exactly what is still missing.

How does AI-powered supplier categorisation work?

When suppliers are imported without categories, the AI performs web research on each supplier to determine what product categories they manufacture. For example, searching “Sakura Denim” reveals they produce jeans, denim fabrics, and casual trousers. Inferred categories are aligned to the same GS1 GPC brick categories used for your product catalogue, creating a shared vocabulary between products and suppliers.

This categorisation is what powers intelligent product-supplier matching. Instead of manually mapping hundreds of products to dozens of suppliers, the AI proposes matches based on category overlap (confidence score 0.8) and name/context analysis (confidence score 0.6). All matches are presented for human review before saving. You can also upload an existing mapping spreadsheet from your ERP for the AI to cross-reference.

The dedicated mapping editor provides a full-screen view of all product-supplier relationships with drag-and-drop assignment and bulk operations for large catalogues.

How does validated supplier data flow into the DPP?

Once your team reviews and validates a supplier’s response, the extracted data flows directly into the DPP data model with full provenance tracking:

• Material composition from supplier uploads populates the Composition category
• Certificates (ISO, OEKO-TEX, GOTS) populate Documentation and Social categories
• Carbon and environmental reports populate the Environmental category with Scope 1/2/3 breakdown
• Facility data populates the Supply Chain category with multi-tier facility trees
• Test results populate Technical Performance with lab names and test dates
• Compliance declarations populate Health and Safety with REACH status and CAS numbers

Every data point maintains a chain of custody: which supplier provided it, from which document it was extracted, against which data request, and when. This audit trail satisfies the traceability requirements of the ESPR regulation and the CEN/CENELEC prEN 18221 data storage standard.

How Aura helps

Supplier data collection is where most DPP projects fail. Brands typically spend 2 to 4 months manually onboarding suppliers, chasing emails, and reformatting data. Aura reduces this to 2 to 4 weeks through automated import, AI-powered categorisation, intelligent matching, and a self-service portal that suppliers can use without training or account creation. The AI handles document extraction in any language, auto-completes requests when data is sufficient, and flags gaps with specific follow-up suggestions.

The result is verified, structured supplier data flowing directly into your DPP with full provenance, ready for cryptographic signing and publication.

Frequently asked questions

Do suppliers need to create an account?

No. Each data request generates a secure, token-based link with a 30-day expiry. Suppliers click the link and start immediately. No registration, no login credentials, no IT involvement on the supplier side.

What languages does the supplier portal support?

The portal’s AI assistant auto-detects the supplier’s language and responds accordingly. All 24 official EU languages are supported, plus major non-EU languages like Japanese, Turkish, and Mandarin. This is particularly important for brands with global supply chains where suppliers may not speak English.

What happens if a supplier’s certificate is about to expire?

The compliance assistant monitors certificate expiry dates and flags certificates that are expired or expiring soon. It suggests specific follow-up requests you can send to the supplier to obtain renewed documentation. This is surfaced both in the supplier details view and in the compliance assessment report.

Can a single supplier document be used across multiple data requests?

Yes. Cross-request document reuse is automatic. If a supplier uploads a factory-wide ISO 14001 certificate for one product’s data request, the platform automatically applies it to all relevant requests from the same brand. Suppliers do not need to upload the same document multiple times.