EEA, UK, Switzerland
Last Updated: September 16, 2025
For the purpose of the Privacy Policy, personal information shall have the meaning of “Personal Data” as referred to in the General Data Protection Regulation (“GDPR”), the UK GDPR and the Swiss Federal Act on Data Protection, i.e. any information that relates to an identified or identifiable natural person (the "Data Subject").
Your Rights as a Data Subject
In the cases and under the conditions stated by GDPR, you have the following rights and choices:
Right to access. You have the right to obtain from us confirmation as to whether or not we are processing Personal Data concerning you, and, where that is the case, access to the Personal Data and certain information about the processing.
Right to erasure. You have the right to request that we delete Personal Data we maintain about you without undue delay if and to the extent that the Personal Data is no longer necessary in relation to the purposes for which it was processed, you have withdrawn your consent on which the processing is based, and where there is no other legal basis for the processing. In addition, we will erase your Personal Data if you object to the processing and there are no overriding legitimate grounds for the processing, the Personal Data have been unlawfully processed, or the Personal Data must be erased to comply with a legal obligation under the laws of EU, EEA, UK, or Switzerland to which we are subject.
Should you no longer want to use the Service, you can permanently delete your account by visiting your account profile and choosing to close account.
Right to rectification. You have the right to request that we correct inaccurate Personal Data we maintain about you.
Right to restriction of processing. You have the right to request that we restrict the processing of your Personal Data in any of the following circumstances: (i) if the Personal Data is inaccurate, its processing can be restricted for the period of time it takes for us to verify its accuracy; (ii) if the processing is unlawful and you object to your Personal Data being deleted, you can instead request that its processing be restricted; (iii) if we no longer need your Personal Data but you require us to retain it in order for you to bring, or defend against, a legal claim; and (iv) if you have objected to our processing of your Personal Data but we rely on a legitimate interest to process it and you are awaiting the conclusion of our legitimate interest assessment.
Right to data portability. You have the right to request that we provide the Personal Data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format. This applies where the processing is based on consent or contractual necessity and the processing is carried out by automated means. Also, you have the right to have the personal data transmitted directly from one controller to another, where technically feasible.
Right to object. You have the right to object, on grounds relating to your particular situation, at any time to processing of Personal Data concerning you, including profiling, which is based on a task carried out in the public interest or on a legitimate interest. We will no longer process the Personal Data in case of such objection unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Right to object (direct marketing). When we process Personal Data for the purpose of direct marketing, including profiling relating to such direct marketing, you have the right to object at any time to the processing of your Personal Data for this purpose. See the “Your Rights and Choices” section on ‘Opt-out from Marketing Communications’ for further information.
Right to withdraw consent. You have the right to withdraw your consent to the processing of your Personal Data at any time, where processing is based on your consent. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
Right to object to/opt-out of automated decision making. You have the right not to be subject to a decision based solely on automated processing (i.e., an operation that is performed without any human intervention), if it produces a legal effect (i.e., impacts your legal rights) or similarly significantly affects you (e.g., significantly affects your financial circumstances or ability to access essential services), or to opt out of the processing of your Personal Data based on automated decision making. Temu does not make decisions based solely on automated processing that produce a legal effect or that similarly significantly affect individuals.
Right to lodge a complaint with a supervisory authority. You have the right to lodge a complaint with our EU lead supervisory authority, the Irish Data Protection Commission for Sellers in the EU, the UK Information Commissioner’s Office for Sellers in the UK, the Federal Data Protection and Information Commissioner for Sellers in Switzerland, or your local supervisory authority.
These rights can be limited, for example, if fulfilling your Data Subject rights request would reveal Personal Data about another person, if the exercise of these rights would infringe the rights of a third party (including our rights), or if your request relates to information which we are required by law or for certain reasons of public interest to keep. Relevant exemptions are included in both the GDPR, UK GDPR and other applicable laws.
You can exercise any of these rights by submitting a request to sellersupport-eu@temu.com. We will not discriminate against you for exercising any of these rights. In certain circumstances, we will need to collect additional information from you to verify your identity, before providing a substantive response to the request. You can also designate an authorised agent to make requests on your behalf to exercise your rights. Before accepting such a request from an agent, we will require that the agent provide proof you have authorised them to act on your behalf, and we may need you to verify your identity directly with us.
Other Choices. Please see the Seller Cookie Policy for additional choices and rights you may have and how to exercise such choices and rights.
Legal Basis
We rely on the following legal bases to process Personal Data – the applicable legal basis depends on the specific purpose for which Personal Data is used:
-
Performance of a contract: when we provide our Services, or communicate with you about them. This includes when we use your Personal Data to develop, improve, support, and provide the Service, allowing you to create, maintain and manage your account and use its features while fulfilling and enforcing our Temu Seller Services Agreement. If you are a representative of a legal entity (or a beneficial owner), we rely on our legitimate business interests as stated below when processing your Personal Data for the purposes noted in the “How and Why We Process Your Information” section.
-
Our legitimate business interests and the interests of third parties, provided these interests are not outweighed by your interests or fundamental rights and freedoms: this includes when we optimize features, analyse performance metrics, fix errors, improve the Service and our business, communicate with you (including direct marketing communications), detect and prevent fraud and abuse in order to protect the security of our customers, Sellers, ourselves, or others.
-
Your consent: when we ask for your consent to process your personal information for a specific purpose that we communicate to you including, where required by applicable law, for processing of biometric information for identity verification. When you consent to our processing of your Personal Data for a specified purpose, you may withdraw your consent at any time and we will stop processing of your data for that purpose.
-
Compliance with a legal obligation: when we use your Personal Data for compliance purposes and to comply with the applicable laws, lawful requests, and legal processes (e.g., responding to subpoenas or requests from government or regulatory authorities, or where there is a mandatory duty to report criminal offences); to protect our, your, and other users' rights, privacy, safety, or property (including the establishment, exercise or defence of legal claims); to audit internal processes to ensure compliance with legal and contractual requirements and our internal policies; to enforce the terms and conditions that govern the Service; to prevent, identify, investigate, and deter fraudulent, harmful, unauthorised, unethical, or illegal activities, including cyberattacks and identity theft.
-
These and other legal bases depending on the purposes we described in the “How and Why We Process Your Information” section.
Our Global Operations and Data Transfers
To support our global operations:
-
We store the information described in the “What Information We Collect” section in servers located in the EEA.
-
Certain of our subsidiaries and affiliates, located outside the EEA, UK and Switzerland, are given, under standard contractual clauses (or their approved equivalent for Switzerland), limited access to some of your Personal Data to provide organizational, technical, legal and compliance support for the Service, including for the purposes for providing services, detecting irregular activities and safeguarding our Service or the public safety. This access is limited, secure and only granted where necessary under strict security controls. See the “How and Why We Share Your Information” section for more information.
-
We share your Personal Data with service providers and other third parties described in the “How and Why We Share Your Information” section, which can be located outside the EEA, UK and Switzerland.
All of our subsidiaries, affiliates, service providers and other third parties described in the “How and Why We Share Your Information” section are bound to process your Personal Data in compliance with applicable privacy laws and, if located outside the EEA, UK and Switzerland, to implement appropriate security measures and safeguards to grant the same level of protection to your Personal Data as is guaranteed within the EEA, UK and Switzerland.
When we transfer your information outside of the EEA, UK and Switzerland, we ensure it benefits from an adequate or essentially equivalent level of data protection by relying on:
-
Adequacy decisions. These are decisions from the European Commission, the UK or the Swiss Government under Article 45 GDPR/UK GDPR (or equivalent decisions under other laws) which recognize that a country offers an adequate level of data protection. We can transfer your Personal Data detailed under the “What Information We Collect” section, as described in the “How and Why We Share Your Information” section, to some countries with adequacy decisions, such as the countries listed here; or
-
Standard contractual clauses. The European Commission has approved contractual clauses under Article 46 of the GDPR that allow companies in the EEA to transfer data outside the EEA. These contractual clauses (and their approved equivalents for the UK and Switzerland) are called standard contractual clauses. We rely on standard contractual clauses to transfer Personal Data detailed under the “What Information We Collect” section, as described in the “How and Why We Share Your Information” section, to certain affiliates, service providers, and third parties in countries without adequacy decisions.
In certain situations, we may rely on derogations provided for under applicable laws to transfer information to a third country.
Click the following links to learn more about adequacy decisions (or equivalent links under applicable laws) or standard contractual clauses (or equivalent links under applicable laws). To request a copy of our standard contractual clauses (or their approved equivalent for Switzerland), please contact us at any time at sellersupport-eu@temu.com.
If you have any questions or comments about our Privacy Policy or the terms mentioned, or if you wish to contact our Data Protection Officer by email, you may contact us at any time at sellersupport-eu@temu.com.
If you wish to contact our Data Protection Officer by post, you can send mail to the following address of Temu's Data Protection Officer - Whaleco Technology Limited, First Floor, 25 St Stephen’s Green, Dublin 2, Ireland.