Community Forums

More issues regarding Google Fonts:
when going in the WP admin backend to the theme configuration, there is again connection to Google API established:

This happens just when going to the codeless theme admin.
e.g.: https://DOMAIN.END/wp-admin/customize.php?theme=specular%2Fspecular&return=%2Fwp-admin%2Fthemes.php

URLs:
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?ver=1.6.26
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C500%2C600%2C700%7COpen+Sans%3A400%2C500%2C600%2C700&ver=6.5.5

These must be removed — the EU GDPR legal framework clearly requires minimization.
Loading things in the background of a web administration interface just for admins is definitely not required.

Art. 5 GDPR: Principles relating to processing of personal data
Personal data shall be:
[…]
c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimization’);

Link: https://gdpr.eu/article-5-how-to-process-personal-data/

Just having a font on the backend is not in line with the GDPR and can be considered illegal. It is not a “legitimate interest” and violates Art.5 c “limited to what is necessary”

Please do not force those web components by default on (often unaware) users. They are not “for free” but are part of a surveillance business model, and need to be avoided — also in terms of the whole EU countries legislation. Hosting fonts locally is no complicated thing, as can be easily done, also for your theme. It is just CSS.

I hope this helps to support your product to have a better EU GDPR compliance without the risk of legal issues for everyone of your clients who act in the role as data controller or even as contractor in terms of GDPR.
Please keep us updated about plans regarding the matter for a next update,
Thanks!

• This reply was modified 1 year, 11 months ago by spotteron.
• This reply was modified 1 year, 11 months ago by spotteron.