Google Fonts – A GDPR Heads up

We always aim to keep on top of the latest information where we can here at HQ and although we are not responsible for a clients websites privacy declarations or compliancy with the latest laws and regulations, we always give the heads up where we can and can advise or assist with helping them with their compliancy online.

Which brings me to the latest – GDPR Germany court ruling on Google fonts. Many site owners are still unaware of this.

A German Court has declared Google Fonts is not in compliance with GDPR/DSGVO.

That’s okay I don’t sell to Germany or the EU anyway – just UK..”

Unfortunately the issue is regarding the privacy of the user, so it is something to look into.

“According to a judgment of the Munich Regional Court of January 20th, 2022, you may be entitled to a claim for damages if Google reloads fonts. This is mainly due to the fact that data is sent to the USA without the consent of the visitor and without technical necessity .”

What do I need to be aware of when using fonts on my website?

Most of the time with the added assistance of page builders, extensions, themes – we are able to style within a plethora of Google fonts in our pocket. This is also the case with other page builders and online built websites. The problem however, comes to how these are currently being loaded on websites.

How does hosted Google font load effect by website?

When the visitor of visits a website that has not yet cached the required Google based fonts to display the page correctly – a request to Google’s server will be made to acquire the assets / files which are then stored in the users browser to load on page.

The tricky part is that in this case information / data from the user (IP address) would then be stored which is personal data according to GDPR rulings.

What can I do?

Well, the best option at current is to ensure you are loading your website fonts locally and hosting them on your server instead of grabbing these through Google’s API.

We also strongly suggest each website has a GDPR compliance tool that regularly scans their website to assist in staying compliant.

We do advise each client to have get support from GDPR specialists or regulatory support to ensure their company website is acting compliant and up to date with the latest regulations.

But wait – how do I know if I am or not? What can I do to check?

To check whether your website is loading fonts from Google we recommend running your website through this great Google font checker

We are currently assisting clients with compliance software integration and assisting them with ensuring they are loading fonts locally

Reach out and speak to us today at hello@workingwithwordpress.com

Leave a Comment