Papr Walls - Walls with Personality The cutest kids' wallpaper for cool children's rooms!

Free shipping from €20 (NL)

info@paprwalls.com

Privacy Policy

[Last updated: May 2026]

Online Store Academy, trading as Papr Walls (hereinafter: "Papr Walls", "we" or "us"), attaches great importance to the protection of your personal data. In this privacy statement, we clearly explain what personal data we collect, why we do it, how long we store it, and what rights you have.
We process personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy legislation.

1. Who is responsible for the processing?

The data controller for the processing of your personal data is:
Online Store Academy, trading as Papr Walls
Legal form: sole proprietorship
Address: Stroinksbleekweg 48, 7523 ZL Enschede
Email address: info@paprwalls.com
Phone number: 053-2311722
Chamber of Commerce number: 69666784
VAT identification number: NL001748502B59

2. What personal data do we process?

Depending on how you use our webshop, we process the following categories of personal data:

2.1 When placing an order

  • First and last name
  • Address details (invoice and delivery address)
  • Email address
  • Phone number
  • Payment details (processed via our payment service providers; we do not store full credit card or bank details)
  • Order history and product preferences


2.2 When creating an account

  • Login details (email address and encrypted password)
  • Account preferences

2.3 When contacting our customer service

  • Name and contact details
  • Content of your message and correspondence


2.4 When subscribing to our newsletter

  • Email address
  • First name (if provided)

2.5 When visiting our webshop

  • IP address
  • Browser type and version
  • Pages visited and click behavior
  • Device and operating system information
  • Cookies (see also our cookie statement for this)
3. For what purposes do we use your personal data?

We process your personal data for the following purposes:

  • Performance of the agreement: to process and ship your order and handle payments.
  • Customer contact: to answer questions, complaints, and requests.
  • Account management: to create and manage your account and make your order history accessible.
  • Marketing and newsletters: to inform you about new products, offers, and collections, provided you have given consent or if you are already a customer (opt-out possible).
  • Analysis and improvement: to analyze the use of our webshop and improve our products, services, and website.
  • Legal obligations: to comply with our legal obligations, such as the retention period for the tax authorities.
  • Fraud prevention: to prevent fraud, abuse, and other unlawful acts.
4. On what basis do we process your data?

We process your personal data based on the following legal grounds from the GDPR:

  • Performance of a contract (Art. 6(1)(b) GDPR): for processing orders and delivering products.
  • Legal obligation (Art. 6(1)(c) GDPR): for example, for tax retention obligations.
  • Consent (Art. 6(1)(a) GDPR): for example, for sending newsletters or placing non-functional cookies.
  • Legitimate interest (Art. 6(1)(f) GDPR): for example, for improving our services, fraud prevention, and direct marketing to existing customers.
5. With whom do we share your personal data?

Papr Walls never sells your personal data to third parties. We only share your data with parties that help us provide our services. We enter into a data processing agreement with all these parties if required. We work with, among others:

  • Shopify: for hosting and managing our webshop.
  • Payment service providers: Klarna, Mollie or Stripe (depending on the chosen payment method), iDEAL, Bancontact, credit card companies, and PayPal.
  • Shipping partners: such as PostNL, DHL, DPD, or similar courier services for the delivery of your order.
  • Email marketing service: for sending newsletters and transactional emails.
  • Analytics providers: such as Google Analytics, for analyzing website usage.
  • Accounting service providers: for our administration and financial obligations.
  • IT suppliers: for the management and maintenance of our systems.

In exceptional cases, we may share data with government agencies or supervisory authorities if we are legally obliged to do so.

6. Transfer outside the European Economic Area (EEA)

Some of our service providers, such as Shopify and Google, are located outside the EEA or process data in countries outside the EEA. If this is the case, we ensure that appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Adequacy decisions of the European Commission (such as the EU-US Data Privacy Framework).
  • Additional technical and organizational measures where necessary.

Because we ship worldwide, we may also share address data with shipping partners outside the EEA, to the extent necessary for the delivery of your order.

7. How long do we retain your data?

We do not retain your personal data longer than necessary for the purposes for which it was collected, unless we are legally obliged to retain it longer.

Indicative retention periods:

  • Order data and invoices: 7 years (statutory tax retention obligation).
  • Account data: as long as your account is active, plus 1 year after the last activity or earlier at your request.
  • Customer service correspondence: maximum 2 years after handling.
  • Newsletter data: until you unsubscribe.
  • Website analytics: maximum 26 months.
  • Cookies: see our cookie statement for specific retention periods per cookie.
8. How do we secure your data?

We take appropriate technical and organizational measures to protect your personal data against loss, misuse, unauthorized access, disclosure, alteration, or destruction. For example, we use:

  • SSL encryption for all data traffic on our webshop.
  • Secure hosting environment via Shopify.
  • Limited access to personal data, only for employees who need it for their work.
  • Encrypted storage of passwords.
  • Regular updates and security checks.

Should a data breach occur despite our measures, we will report this to the Dutch Data Protection Authority and, where necessary, to the data subjects, in accordance with legal obligations.

9. What rights do you have?

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access: you may request to know what personal data we process about you.
  • Right to rectification: you may have inaccurate data corrected or completed.
  • Right to erasure (right to be forgotten): you may request to have your data erased, unless we are legally obliged to retain it.
  • Right to restriction of processing: you may request to temporarily restrict the processing of your data.
  • Right to data portability: you may request your data in a structured, commonly used format or have it transferred to another party.
  • Right to object: you may object to processing based on legitimate interest, including direct marketing.
  • Right to withdraw consent: if the processing is based on consent, you may withdraw it at any time without affecting the lawfulness of previous processing.


You can submit a request via info@paprwalls.com; to prevent misuse, we may ask you to identify yourself. We will respond to your request within four weeks.

10. Filing a complaint with the supervisory authority

If you disagree with how we handle your personal data and we cannot resolve it together, you have the right to file a complaint with the Dutch Data Protection Authority. This can be done via:
Dutch Data Protection Authority
P.O. Box 93374, 2509 AJ Den Haag
Website: https://autoriteitpersoonsgegevens.nl
If you reside in another EU country, you can also contact the supervisory authority in your country.

11. Cookies

Our webshop uses cookies and similar technologies. For a complete overview of the cookies we place, their purpose, and retention period, please refer to our cookie statement on paprwalls.com/cookies.
When you first visit our webshop, we ask for your consent to place non-functional cookies. You can adjust your cookie preferences at any time via our cookie banner.

12. Minors

Our webshop is not aimed at individuals under the age of 16. We do not process personal data of minors without the consent of parents or legal representatives. If you believe that we have collected personal data about a minor without consent, please contact us at info@paprwalls.com, and we will delete this information.

13. Changes to this privacy statement

Papr Walls reserves the right to amend this privacy statement, for example, in the event of changes in legislation or changes in our services. The most recent version is always available on our webshop. In the event of significant changes, we will actively inform you, for example, by email or through a notification on the website.

14. Questions?

Do you have questions about this privacy statement or about how we handle your personal data? Please feel free to contact us via:
Email: info@paprwalls.com
Phone: 053-2311722
Post: Papr Walls, Stroinksbleekweg 48, 7523 ZL Enschede