The Nigeria Data Protection Commission (NDPC), has launched an investigation into online shopping platform Temu over alleged violations of the Nigeria Data Protection Act, 2023. The probe follows concerns about the company’s data processing practices and compliance with Nigeria’s privacy regulations.
The investigation focuses on issues including online surveillance, transparency in data collection, accountability, data minimisation, and the cross-border transfer of personal information without adequate safeguards.
According to the commission, preliminary findings show that Temu processes the personal data of about 12.7 million Nigerians, raising concerns about the scale of its operations and whether its data handling practices comply with the law.
In a statement issued on Monday, the NDPC’s Head of Legal, Enforcement and Regulations, Babatunde Bamigboye, said the investigation was ordered by the National Commissioner and Chief Executive Officer, Vincent Olatunji, following growing concerns over Temu’s activities in Nigeria.
He explained that the commission is examining whether the platform complies with data protection requirements, particularly in areas such as lawful data processing, transparency, accountability, data minimisation, and cross-border data transfers. The probe will also assess whether adequate safeguards were put in place to protect users’ personal information and whether proper consent was obtained where required.
Bamigboye warned that data processors working for data controllers must ensure compliance with the law, noting that violations could lead to regulatory sanctions.
