• Request for a new password: you need to know the answer to your security question.
• Recover a forgotten password: you need to know the answer to your security question once you click on the verification link sent to your email address.
• Recover your username: if you know your email address associated to the account, a message will be delivered to that email address with all the usernames related to that email address.

A user with a "Legal entity Manager" role can edit or remove the manager or reader role of another user. This will prevent the user from accessing to the relevant application. More information can be found in ECHA Accounts manual.

As mentioned in the ECHA Accounts Manual, the following rules must be applied, when changing/updating a password:

The password must have at least 8 characters and contain three of the following character types: uppercase letter [A to Z], lowercase letter [a to z], number [0-9] and non-alphabetical.

Please also note the following restrictions:

• The password must not contain parts of the username, first name or last name.
• The password cannot be the same as the previously used passwords.
• The password cannot be changed more than once a day. 

In order to solve this issue, please:

1. try to verify your email before using the OTP provided to you by ECHA. If the account is not verified, then you cannot proceed and change the password.
2. contact the ECHA Helpdesk to re-check and reset your account, in case the e-mail verification fails.

Only the business account associated with a LE/Company/Organisation can access an ECHA IT tool (REACH-IT, R4BP, ePIC, ECHA Cloud Services, etc.). If you do not have access to the ECHA on-line IT tools, after the creation of a new user account you need to continue and promote a personal account to a business account.

If you would like to see a detailed description of this process along with a full explanation of all aspects of ECHA accounts, see the ECHA Accounts manual.

A change of company name may happen as a result of:

1. Company name change: Administrative purposes where the legal personality of a company remains the same and only the name of the company changes.
2. Legal personality change: A change of legal entity as a result of a merger, company split, change of only representative or assets sale. 

For clarification on whether a company name or a legal personality change applies, please contact your national helpdesk or BPR competent authorities. 

For further clarification on your legal entity status according to REACH and CLP, please read the ECHA Practical guide 8: How to report changes in identity of legal entities.

Updating a company name change due to administrative purpose

A company name change needs to be communicated to ECHA using available ECHA applications such as REACH-IT, R4BP 3 or ePIC. The company name can be easily changed by logging in to ECHA Accounts through any of the ECHA applications. See steps below:

1. Log into ECHA Accounts
2. Click on “Accounts, Users & parties”
3. Click on the button “Edit” and “Change name”
4. Modify the company name, agree to the disclaimer and upload a supporting document from a national registry to prove the official name change.

Important note: Under the Biocidal Products Regulation (BPR), a company name change is considered legally valid only once an administrative change on request is authorised by your national authorities. Useful instructions on how to submit an administrative change on request (NA-ADC) via R4BP 3 can be found in the chapter “National authorisation – changes on request” of the Biocides Submission Manual: national authorisations. 

Updating a company name change due to Legal entity change (LEC)

A legal entity change entails the transfer of assets from the LEC initiator (account A) to the LEC successor (account B) using ECHA applications. The LEC initiator and successor have distinct legal personalities and, therefore, different accounts (A and B). If the LEC successor has not yet created an account, he will first need to register a new company.

Depending on the regulatory scope, you may need to consider these general guidelines when applying for a legal personality change:

a. REACH and CLP

A legal entity change under REACH and CLP needs to be reported to ECHA and the National Authorities using the REACH-IT legal entity change functionality. The LEC initiator (account A) initiates the process and the LEC successor (account B) validates the transfer. As a result, the assets (e.g. registrations or notifications) will be transferred from account A to account B.

A different process applies for the transfer of applications for authorisation (AfA). Further information on this process can be found in the Q&A 1241.

Additional information on the consequences after a legal entity change can be found in the Q&As 388 and 405.

b. BPR

Under the Biocidal Products Regulation (BPR), an authorisation holder transfer is an administrative change on request. A functionality in R4BP 3 allows the transfer of authorisations (assets) from account A to account B prior to authorisation by the national authorities. Additional information on this process can be found in the video tutorial Processes in R4BP 3: asset transfer via NA/SA-TRS.

For on-going cases pending for authorisation, you can initiate the transfer between accounts to indicate the existence of a new case owner or prospective authorisation holder. Additional instructions can be found in chapter “11.5 Case transfer” of the BSM technical guide: using R4BP 3. Specific provisions apply to the replacement of a participant in the review programme as described in the same manual.

For changes of participants in Article 95, you will need to communicate it to ECHA via the request for corrections of entries on the Article 95 list.

Certain applications, such as technical equivalence or SME verification approval, are valid only for the company who benefited from the decision behind these applications. A new application is required if a different legal entity needs to rely on these application types.

c. PIC

A PIC notification cannot be transferred between two legal entities.
In case of a change of legal personality, the legal successor (i.e new company) will need to submit a new notification via ePIC.

If you are using Internet Explorer, you may experience this problem due to the compatibility view of your browser. To amend this issue, click on the compatibility view button. You may alternatively decide to use a different web browser i.e. Firefox.
 

This error message may be received if you have not logged out from ECHA Accounts after a long time or you follow an unexpected workflow. To solve this issue, click on the "Back" button of your web browser or refresh the page. If the problem persists, close the browser session and access again.

• click on the "Back" button of your web browser;
• select the link in the web browser and press enter; and
• select "account, users and parties".

• Introduce your user details
• Verify the e-mail address (access the e-mail address linked to your user account and click on the verification link)
• Create your legal entity (or company details). If you already have a LEOX (previously created in the IUCLID 5 website or in IUCLID 5), you can import your company details

An ECHA Account is a means by which ECHA can provide services and downloads within a specific legal framework. When creating an account, the account holder has to agree to specific terms and conditions. In general, ECHA Accounts provide access to the following:

1. ECHA IT tools (REACH-IT, R4BP 3, ePIC, Poison Centres Notifications, ECHA Cloud Services, etc);
2. The right to download and install locally ECHA IT tools, for example IUCLID and Chesar;
3. Additional services on the ECHA website, such as the possibility to receive notification on a substance of interest;
4. User account details

• Personal account: This provides access to options (2), (3) and (4) stated above. Notably, a personal account is not associated with a Legal Entity.
• Business account: This type of account provides access to all the options (1) – (4) stated above. A business account is created by promoting a personal account to a business account. Therefore, a personal account must be created first. The promotion process requires either to create a new legal entity after the personal account creation, or to contact (offline) the Legal Entity Manager of an existing legal entity to include the new account in the legal entity.

A full explanation of ECHA accounts is provided in the manual here.

ECHA has updated data in ECHA accounts based on the timestamps of the changes in both systems. New REACH-IT user accounts created after conversion have been converted to new ECHA user accounts and REACH-IT user roles have been merged to users in ECHA accounts.

We have tried our utmost to ensure smooth migration to ECHA accounts. However, in case you notice something lost or not migrated, please contact ECHA Helpdesk for further assistance.

You need to complete these steps only once to access the relevant ECHA IT system:

• You need to provide your former REACH-IT username and password to log in to ePIC R4BP 3 or REACH-IT 3
• Set a new password
• Verify your email – if not done previously in REACH-IT.
• Define the answer to the security question – if not done previously in REACH-IT.

Further details on the steps to carry out the account conversion can be found in chapter 8 of the ECHA Accounts manual.

On 15th November 2018, ECHA changed the method of logging in to the IUCLID, Chesar, and Poison-Centres websites to allow only ECHA Accounts to access them. It is no longer possible to log in to the IUCLID and Chesar websites using the accounts previously created on those websites.

If you have an ECHA account used to access any of the on-line tools provided by ECHA, the account credentials can now be used to log in to the IUCLID and Chesar websites. The on-line tools include: REACH-IT, R4BP 3, ePIC, Poison Centres Notifications Portal, and the ECHA Cloud Services.

If you do not have an ECHA account, and you want to access either the Chesar or the IUCLID website to download software, you will have to create an ECHA account first. This can be done from the ECHA website by following the steps:

• Click on “sign in” (top right hand corner)
• Select “personal or other account”
• Click on “sign-up”

Once the account has been created, you will receive a verification email. You will be able to sign in to your account once the email has been verified.

If you want to continue receiving news alerts via email for either IUCLID or Chesar, you must log in with an ECHA Account, and activate the relevant options under My Account from within the appropriate website(s).

For more information consult ECHA account Q&A's