Temu, the global e-commerce platform, has responded to an ongoing investigation by Nigeria’s data protection regulator, assuring users that it is committed to safeguarding personal information.
The probe was launched by the Nigeria Data Protection Commission over alleged breaches of the Nigeria Data Protection Act. The regulator said the investigation focuses on how the platform collects, processes, stores, and transfers Nigerians’ personal data.
In a statement sent to The PUNCH on Tuesday, Temu said protecting user privacy and ensuring data security remain central to its operations.
“At Temu, protecting user privacy and data security is a top priority. We are committed to complying with applicable laws and regulations in our data practices,” the company said.
The company added that it would maintain open communication with the Nigerian regulator as the investigation continues.
“We will continue to engage in open and constructive dialogue with the NDPC to address any questions or concerns,” Temu noted.
Earlier, the Nigeria Data Protection Commission disclosed that it initiated the probe after identifying potential concerns in the platform’s data processing activities. According to the commission, the review will examine key areas such as data minimisation, duty of care, transparency obligations, and cross-border transfer of personal information.
The regulator also warned that organisations processing Nigerians’ personal data without complying with the country’s data protection law could face enforcement actions, including financial penalties.
Temu entered the Nigerian market in late 2024 and has quickly gained popularity. The platform is known for its low-priced products, aggressive advertising strategy, and mobile-first shopping model. Within a short period, it is estimated to have attracted millions of Nigerian users.
The rapid growth has increased regulatory attention, especially regarding how large volumes of consumer data are managed.
Under the Nigeria Data Protection Act, the commission is empowered to regulate how organisations collect and process personal data, investigate breaches, and impose sanctions where violations occur.
