The Irish Data Protection Commission (DPC) has opened an inquiry into Chinese-founded online retailer Shein.
The DPC said the investigation concerns Shein Ireland's transfers of personal data of people in the EU/EEA to China.
The commission said it will examine and assess the extent to which Shein Ireland has complied with its relevant obligations under the GDPR in relation to these transfers.
"When an individual's personal data is transferred to a country outside the EU, the GDPR requires that this personal data is afforded essentially the same protections as it would within the EU," said DPC Deputy Commissioner Graham Doyle.
"Recent regulatory action by the DPC, together with complaints to other European supervisory authorities, has brought data transfers to China, in particular, into focus."
"The inquiry is an important strategic priority for the DPC and we intend to cooperate closely with our peer European Supervisory Authorities as part of the investigation," Mr Doyle said.
A Shein spokesperson said it takes its data protection obligations extremely seriously and is fully committed to complying with the GDPR and all applicable data protection laws.
"Ensuring the security of our customers' personal data is a top priority for our business," Shein said.
"We have been actively engaging with the DPC in recent months on our data protection approach, including a number of important ongoing initiatives that reflect our commitment to maintaining the highest standards in data handling," it said.
"We look forward to presenting that work as part of this process," the company added.
