The Nigeria Data Protection Commission (NDPC) has launched an investigation into the data processing activities of global e-commerce platform Temu over alleged violations of the Nigeria Data Protection Act (NDP Act), 2023.
In a press release dated 16 February 2026, the Commission disclosed that the National Commissioner and Chief Executive Officer, Dr Vincent Olatunji, ordered an immediate probe into the company’s operations in Nigeria.
According to the NDPC, the investigation was triggered by concerns surrounding online surveillance through personal data processing, compliance with accountability obligations, adherence to data minimisation principles, transparency requirements, duty of care, and cross-border data transfers.
Preliminary findings indicate that Temu processes the personal information of approximately 12.7 million data subjects in Nigeria. Globally, the platform reportedly records about 70 million daily active users.
The Commission also issued a warning to data processors operating on behalf of data controllers, stating that entities that fail to verify compliance with the provisions of the NDP Act may be held liable under Nigerian law.