Hosting Fonts Locally – GDPR/DSGVO Compliant Google Fonts


Using Google Fonts is the most easiest way to add Fonts in your website which are reliable, free to use and maintain consistency across all browsers. But recently in January 2022, Germany declared that Google Fonts are not compliant with GDPR/DSGVO. 

Are Google Fonts GDPR Compliant?

Short answer is no. They are not. Google uses the API to know the IP Address of the user who are requesting the fonts from the website. And according to GDPR IP address is a personal information and can not be stored without the user consent.

How To Make Google Fonts GDPR Compliant?

There are basically two methods of making Google Fonts GDPR Compliant.

Method 1:

If you already have a WordPress website live and using Google fonts. Then the quickest way is to use a plugin. Install and configure the plugin and you are all set. We recommend following free plugin which does the job pretty nicely. 

Method 2:

Assuming you are starting a website and you want to use the Google fonts. Then you can still use them without using the plugin.

  1. First step is to download the font from Google.
  2. Once you download the font, the ZIP file will contain all the variation of the fonts in TTF format. Now TTF are supported in all modern browser. But the problem with TTF format is that they are big in size (Compare to other font formats). Let’s take Roboto-BlackItalic as an example. Its file size is 95KB. But if we take the woff/woff2 version then the size is reduced drastically and they are supported in all browsers as well.
  3. How to convert TTF to WOFF/WOFF2? 
    The best tool to use is fonts-squirrel webfont generator 
    Upload the fonts and select the OPTIMAL settings and download your kit.
  4. Once you download the KIT. You can see that from 95KB the size reduced to 23/30KB respectively for WOFF2/WOFF.
  5. Final step is to include those fonts into your WordPress theme using wp_enqueue_style().

Above steps will load Google fonts locally (self hosted) and your website will be GDPR/DSGVO compliant.