http://www.legislation.gov.uk/id/ukpga/2022/46

PART 1Product security

CHAPTER 2Duties of relevant persons, etc

Duties of manufacturers

12Duty to maintain records

(1)

A manufacturer of a relevant connectable product must maintain a record of—

(a)

any investigations carried out by the manufacturer in relation to a compliance failure or suspected compliance failure (whether or not as a result of information received as mentioned in section 10(1)(a));

(b)

any compliance failures relating to the product.

(2)

A record of an investigation must contain the following information—

(a)

the outcome of the investigation;

(b)

where the manufacturer determined that there was a compliance failure, details of that compliance failure;

(c)

any steps taken by the manufacturer to remedy the compliance failure and whether or not those steps were successful.

(3)

A record of a compliance failure must contain the following information—

(a)

details of the compliance failure;

(b)

any steps taken by the manufacturer to remedy the compliance failure and whether or not those steps were successful.

(4)

A record of an investigation or a compliance failure must be retained for a period of 10 years beginning with the day on which the record is made.

(5)

In a case where there is more than one manufacturer in relation to a product, the duty of each of those manufacturers to maintain a record under this section may be met by those manufacturers jointly maintaining a single record.

(6)

In this section “compliance failure” means a failure by a manufacturer of the product to comply with a relevant security requirement relating to the product.