Republic of Korea: Personal Information Protection Commission fined Temu KRW 1.369 billion for violations of Personal Information Protection Act

On 14 May 2025, the Personal Information Protection Commission (PIPC) imposed a fine of KRW 1.369 billion on the e-commerce platform Temu for violations of the Personal Information Protection Act. The PIPC found that Temu had transferred personal data abroad without notifying users and had failed to appoint a domestic agent as required by law. Additional penalties were imposed due to the complexity of Temu’s membership withdrawal process and the improper handling of resident registration numbers during seller verification. The PIPC also issued corrective orders to ensure compliance with regulations, emphasising the need for stronger oversight and improved protection of personal information.