Overview

• The Personal Information Protection Commission (PIPC) fined Temu 1.36 billion won ($970,000) for transferring South Korean user data to China, Singapore, and Japan without disclosure.
• An additional administrative fine of 17.6 million won was imposed for failing to manage contractors and appoint a domestic representative.
• The investigation revealed that Temu collected ID cards and facial videos from sellers without legal justification for a pilot local-to-local service.
• Temu has since revised its privacy policy, disclosed cross-border data transfers, named a domestic agent, and simplified account deletion processes.
• The PIPC has mandated corrective measures and will monitor Temu’s compliance to ensure improved data transparency and oversight.