Using Google Fonts Violates GDPR? Reasons and Solutions

You can’t use Google fonts for your eCommerce website?

On 20th of January  2022, The German court declared that Google fonts don’t stay GDPR/DSGVO compliance. 

Due to that reason, EU’s Shopify users were suspended using Fonts from Google. This violation also had an impact on the visitors from the EU significantly. 

In this article, we would love to explain how Google Fonts exactly miss GDPR’s compliance and how you can fix this error for your Shopify store.

What is GDPR? 

Well-known as the toughest privacy and security law in the world, the General Data Protection Regulation (GDPR) has been enacted and set to effect back since May of 2018 by European Union, with the aim to protect the individual data and privacy of EU citizens. The penalty for the privacy invasion can reach tens of millions of euros.

According to GDPR, there are 7 Data protection requirements that you need to obligate:

1- Lawfulness, fairness, and transparency — The data-gathering process must be lawful, fair, and transparent to the data subject.

2- Purpose limitation — You must process data for the legitimate purposes specified explicitly to the data subject when you collected it.

3- Data minimization — You should collect and process only as much data as absolutely necessary for the purposes specified.

4- Accuracy — You must keep personal data accurate and up to date.

5- Storage limitation — You may only store personally identifying data for as long as necessary for the specified purpose.

6- Integrity and confidentiality — Processing must be done in such a way as to ensure appropriate security, integrity, and confidentiality (e.g. by using encryption).

7- Accountability — The data controller is responsible for being able to demonstrate GDPR compliance with all of these principles.

[ecom-global-block]ecom-shopify-trial-block[/ecom-global-block]

What is Google fonts?

Founded by Google LLC or by Google Ireland Limited, Google fonts provides an interactive web directory and APIs for using the fonts via CSS and Android. 

Google Fonts optimize your website performance while making it more beautiful at the same time. Moreover, it helps avoid licensing problems since Google Fonts service is free to use.

Here are some most popular fonts in the Google Fonts library, including Roboto, Open Sans, Lato, Oswald, Montserrat, Source Sans Pro, and so on.

How Google fonts works? 

In general, Google Fonts seems innocuous. It's simply a collection of typefaces that will enhance the look and performance of your site, as well as assist you avoid licensing issues in the future.

But the problem starts when your computer, or your audience’s computer, opens your website and automatically requests the Google Fonts files from Google’s servers. To send you the font, Google hamust know where to send it first, whicheans it needs to collect your IP address. 

That specific action is what violates GDPR. We will let you know why. 

Why using Google fonts violated GDPR? 

A court in Munich, Germany, ordered on January 20, 2022, that a website owner must pay €100 in damages to an unidentified website visitor. The damages entailed Google receiving the visitor's IP address via the server request for Google Fonts.

This means that any European nationals who visit your website and request Google Fonts from Google's servers are visitors who can sue you for invading their privacy.

To emphasize, the GDPR is applicable outside of Europe. The GDPR's entire purpose is to protect the personal information of European people. So, whether you're from the United States or another country, if someone from the European Union sees your website, you're still liable for any violations of the GDPR and your EU visitors.

These infractions could lead to a lawsuit and a punishment of up to €20 million, or 4% of your global market share. Whichever comes first.

To make it simple to understand, we’ll go through the step-by-step process of how Google Fonts violates the GDPR.

Here’s what happens when someone opens your website:

1- A visitor finds your website

2- In order to display the content visitor wants to see, he/she has to download the website

3- Google Fonts is integrated into your website, however the font file is not hosted locally. As a result, the visitor must obtain the Google Fonts file from Google's servers.

5- Google will use visitor’s IP to address deliver the desired font.

6- The Google server records the IP address of your visitor and sends them the Google Font file.

7- Your website loads with the provided Google Fonts file. But, Google doesn’t delete your visitor’s IP address.

Whenever a visitor accesses a page on your website, Google receives the visitor's IP address. Why? Because Google requires the IP address of the visitor in order to transmit the Google Fonts files to your visitor.

If the website visitor is someone from the European Union, then Google storing the European citizen’s IP address breaches the GDPR privacy act.

Instant solutions to use Google Fonts while being GDPR compliant

Your website is in the green zone as long as Google doesn’t get your visitors' IP address through Google Fonts.

Here's what you can do for your Shopify store to prevent being penalized or sued for violating the GDPR with Google Fonts.

1. Use Fontify - Google & Custom Fonts

Fontify is well-known as one of the Top Shopify apps in Font Customization. This app supports you in using any fonts - both Google and custom fonts! If you want to use custom fonts, just import your font file. Fontify will solve everything rest. No coding headache.

Especially, Fontify ensure you to use Google fonts without GDPR violation. 

Grab Fontify- Google & Custom fonts here

To understand how to configure Fontify in details, explore here.

Pros:

– Freely download and using several Google fonts that 100% GDPR compliant

– Very simple to use, take you a minute to apply any fonts

– Maintain page loading speed

Cons: 

– You need to charge Local Google Fonts (One-time purchase).

2. Use Google Fonts GDPR Compliant - EComposer’s extension

Good news for EComposer’s User! 

You can eliminate the need for your visitors to give Google their IP address.

Along with updated functional elements stock and a huge trending template library for multi-purposes, EComposer Landing Page Builder has already published Google Fonts GDPR compliant extension which allows you to use Google Fonts while not directly violating GDPR. It means your users don’t need to give their IP addresses to Google. 

To apply this extension for your store, follow the below steps:

Step 1: Install EComposer

Click here to add EComposer Visual Page Builder app to your store.

Step 2: Add Extension

Find Google Fonts GDPR compliant by

- Click on the Extension icon at the top left corner.

- Under the Extension tab, click Add more.

After seeking “Google Fonts GDPR compliant”, install it, then drag and drop to any place on your customizing page.

Step 3: Enable extension

Back to settings section on Google Fonts GDPR compliant’s settings, choose “Enable”.

The extension will store all of the fonts from EComposer to Shopify CDN instead of importing from Google. 

To understand EComposer’s Google fonts GDPR compliant configuration in details, explore here.

Pros:

– You can use a huge range of Google and custom fonts given by EComposer, and still in GDPR compliance effortlessly (No Coding require).

– No impact on site loading speed.

Cons: 

– You need to charge to use this extension, which’s worth $19.00 (one-time purchase)

Exclusive offer: Use Code ECOMPOSER20 to get 20%OFF for any EComposer plans and own FULL huge free and paid extensions library here

[ecom-global-block]ecom-open-store-block[/ecom-global-block]

3. Host Local Google fonts

Saving the Google Fonts resources locally to your website server avoids the need to retrieve the resources from Google's servers.

This can be accomplished by downloading the Google Fonts files and uploading them to your web server. After that, you'll need to make some changes to your theme files to control the font-face of your sites.

Pros: 

– You can use Google fonts and still in GDPR compliance.

Cons:

– Your customers need to download non-existing fonts for your laptop. It will affect significantly to your site loading speed.

– This can be somewhat complicated, especially if you have no prior CSS or code skills.

4. Use Shopify system fonts

On your Shopify online store, you can customize the font style of the text. You can use either the system typeface or a custom font.

Using system fonts prevents your customers' computers from downloading new fonts, which can slow down your store's load speed. The typeface shown on your customer's PC is determined by their operating system.

You can choose from mono, serif, or sans-serif font families. When using any of these font families, you can still employ font styles like bold or italic.

The typeface shown on your customer's PC is determined by their operating system. When you pick a system font family, the fonts listed below may be utilized to generate text:

– Mono: Menlo, Consolas, Monaco, Liberation Mono, or Lucida Console

– Sans-serif: BlinkMacSystemFont, Segoe UI, Roboto, Ubuntu, or Helvetica Neue

– Serif: Iowan Old Style, Apple Garamond, Baskerville, Times New Roman, Droid Serif, Times, or Source Serif Pro

Pros:

– No fee of charge

– Prevent from slow page loading speed.

Cons: 

– There are no longer diverse fonts for your Shopify store.

[ecom-global-block]ecom-shopify-commerce-coach-block[/ecom-global-block]

Wrap up

We hope via this article, you’ll eliminate the need for your visitors to give Google their IP address, use Google Fonts freely and not directly violate GDPR.

Please feel free to share our guide with your social network group if you find it useful. 

Also, don't hesitate to get in touch with us if you have any questions. We are always eager to hear from you.

Don't forget to let us know via live chat from the EComposer app if you need any help.

=================

Install Fontify- a product of The4 here

Add EComposer Next generation page builder Here

Follow Us on Facebook

Join Official Community