Beautiful fonts can help you create a stunning website, but they can also put your website at risk.
If you use Google Fonts, and many WordPress themes do by default, you may be breaching EU privacy regulations like GDPR. This can potentially lead to hefty fines and legal trouble, especially if you have visitors from Europe.
But don’t worry, there are solutions. In this article, we’ll explore the privacy concerns surrounding Google Fonts and show you how to make your WordPress website privacy friendly.
Why Are Google Fonts Not Privacy-Friendly?
Your WordPress website’s typography plays an important role in your design and brand identity. That’s why many website owners customize their typography by using Google Fonts.
However, when someone visits a website that uses Google Fonts, their IP address is logged by Google when the fonts are loaded. This is done without their permission, and the European Union considers it a breach of privacy regulations.
This means that websites using Google Fonts are no longer GDPR compliant. That’s an important legal consideration if you have website visitors from the European Union because it may make you liable for damages (of course, you should consult your legal advisors before taking any action).
With that being said, let’s take a look at how to make Google Fonts privacy-friendly. We will cover two methods: hosting Google Fonts locally and disabling them altogether.
Method 1: Host Google Fonts Locally in WordPress
One way to make Google Fonts privacy-friendly is to host them locally in WordPress. Luckily, that’s easy to do by using a plugin.
The first thing you need to do is install and activate the OMGF (Optimize My Google Fonts) plugin. For more details, see our step-by-step guide on how to install a WordPress plugin.
Upon activation, you need to visit Settings » Optimize Google Fonts to configure the plugin. You will see a statement that the default settings will automatically replace your Google Fonts with locally hosted copies.
All you need to do is scroll down the page and make sure that the ‘Font-Display Option’ has the default setting of ‘Swap (recommended)’ selected.
After that, simply click the ‘Save & Optimize’ button at the bottom of the page.
You’ll see a message at the top of the screen that says, ‘Optimization completed successfully.’ Your Google Fonts are now hosted locally.
To learn more, see our guide on how to host local fonts in WordPress, including how to do this manually without a plugin.
Method 2: Disable Google Fonts in WordPress
Another way of avoiding the privacy issues of using Google Fonts is to disable them altogether and simply use the system fonts installed on your users’ computers. We did this when we redesigned the WPBeginner website, and it improved our page load times.
Simply install and activate the Disable and Remove Google Fonts plugin. For more details, see our step-by-step guide on how to install a WordPress plugin.
Upon activation, the plugin will automatically disable all Google Fonts used by your theme and plugins. It doesn’t need to be configured.
Now, WordPress will automatically use a default font in place of any Google Fonts that were being used. If you would like to choose different fonts, then see our guide on how to change fonts in your WordPress theme.
You can learn more in our guide on how to disable Google Fonts on your WordPress website.
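Whichever method you use, it is worth confirming that the rendered page no longer points visitors' browsers at Google. The script below is an added example, not code from either plugin: it scans page HTML for references to the two Google Fonts hosts (fonts.googleapis.com for stylesheets, fonts.gstatic.com for font files). The sample markup and the local font path are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Google Fonts hosts: one serves the stylesheets, the other the font files.
GOOGLE_FONT_HOSTS = {"fonts.googleapis.com", "fonts.gstatic.com"}
URL_IN_TEXT = re.compile(r"""(?:https?:)?//[^\s'")]+""", re.I)

def is_google_font_url(url):
    """True for absolute or protocol-relative URLs on a Google Fonts host."""
    try:
        host = urlparse(url.strip()).hostname or ""
    except ValueError:
        return False
    return host.lower() in GOOGLE_FONT_HOSTS

class FontRefFinder(HTMLParser):
    """Collects (location, url) pairs that make the browser contact Google."""
    def __init__(self):
        super().__init__()
        self.hits, self._raw = [], None
    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        self._raw = tag if tag in ("style", "script") else None
        # <link> covers stylesheet, preload and preconnect hints alike.
        if tag == "link" and is_google_font_url(attrs.get("href") or ""):
            self.hits.append(("<link href>", attrs["href"]))
        self._scan(attrs.get("style") or "", f"<{tag} style=...>")
    def handle_endtag(self, tag):
        self._raw = None
    def handle_data(self, data):
        if self._raw:  # inline CSS (@import, url()) or inline JS strings
            self._scan(data, f"<{self._raw}> block")
    def _scan(self, text, where):
        self.hits += [(where, u) for u in URL_IN_TEXT.findall(text)
                      if is_google_font_url(u)]

def find_google_font_refs(html):
    finder = FontRefFinder()
    finder.feed(html)
    finder.close()
    return finder.hits

# Constructed sample markup; the local path is hypothetical.
BEFORE = """<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel="stylesheet" href="//fonts.googleapis.com/css2?family=Roboto">
<style>@import url('https://fonts.googleapis.com/css?family=Lato');</style>"""
AFTER = """<link rel="stylesheet" href="/wp-content/uploads/fonts/roboto.css">
<style>@font-face{font-family:Roboto;font-display:swap;
src:url(/wp-content/uploads/fonts/roboto.woff2) format("woff2")}</style>"""
```

Run `find_google_font_refs()` on the saved HTML of your key templates after every theme or plugin update; an empty list means the static markup no longer references Google Fonts, though fonts injected later by external scripts or stylesheets would need a browser network trace to catch.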
Expert Guides on WordPress Privacy and GDPR Compliance
We hope this tutorial helped you learn how to make Google Fonts privacy-friendly. You may also want to see some other articles related to WordPress privacy and GDPR compliance:
- The Ultimate Guide to WordPress and GDPR Compliance
- How to Add a Cookies Popup in WordPress for GDPR/CCPA
- How to Add a GDPR Comment Privacy Opt-in Checkbox in WordPress
- How to Stop Storing IP Address in WordPress Comments
- How to Create GDPR Compliant Forms in WordPress
- Best WordPress GDPR Plugins to Improve Compliance
- How to Add a Privacy Policy in WordPress
- How to Disable Google Fonts on Your WordPress Website
Dennis Muthomi
I’ve been using the OMGF plugin for my clients’ sites, and it’s fantastic. Recently tried it for a client (in the EU) who needed GDPR compliance – worked like a charm!
Here’s a helpful tip from my experience: Keep an eye on your themes and plugins after updates. They sometimes sneak Google Fonts back in. I’ve made this part of my regular site maintenance routine.
Really appreciate this resource – it’s helping me keep my client site both good-looking and privacy-compliant!
Jiří Vaněk
Thanks for the tutorial. I operate a website in the Czech Republic that is subject to GDPR legislation. For that reason, we also need to inform users of the fact that there is a mechanism on the website that collects data about their activity. We call it a cookie banner. The user must be informed and allow or disable this collection.
I downloaded the Google font on a recommendation and use it locally on FTP. I also did it for the speed of the site. So thanks for the tutorial.
However, just asking, I assume that if I use other Google services like analytics or adsense, then the situation is the same and basically the user data goes to the third party again.
WPBeginner Support
Correct, you would need to use another plugin or tool to have that information be GDPR safe.
Admin
Jiří Vaněk
Thanks for confirming my hunch about GDPR. You have basically confirmed to me that unfortunately no third party services can be used without the Cookie Banner. So I will act accordingly.