Online embedding of Google Fonts criticized,
Local hosting of Google Fonts is strongly recommended
The Regional Court of Munich issued a ruling in January 2022 that the embedding of the free Google Fonts via the Google server is not DSGVO-compliant. By opening the website, the fonts are loaded via the Google API. The online embedding of the font is done via a link or an import and looks like this:
This call automatically sends the user’s dynamic IP addresses to Google in the USA.
According to the (disputed) legal situation, this should only happen with the explicit consent of the visitor.
In order to have legal certainty and to avoid inconveniences due to possible warnings, it is therefore strongly recommended to host Google Fonts locally only. Google offers the possibility to download the selected font from the Google Font Library. Upload the font to your own web space and integrate it into your website. Now, the font is loaded locally from your server and no data is sent to Google.