Facts:

The Applicant in this case, Chukwunweike Akosa Araka, is a registered and frequent user of the now-defunct Jumia Food, a food delivery service offered by Ecart Internet Services (the 1st Respondent), which allows users with smart devices to access local restaurants. The business model of the food delivery platform involved users signing up with their personal details. In turn, Jumia Food, in order to fulfill a food order placed by a customer, would forward the customer’s food order along with the customer’s phone number and address to the restaurant from which the food was ordered. Domino’s Pizza, a restaurant chain owned and operated by Eat ‘N’ Go Limited (the 2nd Respondent), was the Applicant’s favorite vendor on Jumia Food. However, the Applicant has never, at any time, provided Domino’s Pizza with his phone number or house address. In March 2023, the Applicant placed three separate orders from Domino’s Pizza through Jumia Food. Seven months later, the Applicant began receiving direct marketing messages from Domino’s Pizza as a result of his contact details being provided by Jumia Food.

On 5th January 2024, the Applicant sent an email to the 1st Respondent requesting information about how his personal data was used by both the 1st and 2nd Respondents. On 15th January 2024, the 1st Respondent replied, denying liability for privacy infringement and explaining how his personal data was used. Subsequently, the Applicant sent a letter to the 2nd Respondent requesting that they stop processing his personal data for storage and direct marketing purposes. However, the direct marketing messages persisted, with the Applicant receiving messages on 10th, 11th, 7th, 15th, and 25th May 2024. These messages were re-initiated after the Applicant placed another order on 30th March 2024 using the Glove App.