Bunny Fonts payments itself because the “privacy-first internet font platform designed to place privateness again into the web.”Based on its FAQ:
With a zero-tracking and no-logging coverage, Bunny Fonts helps you keep absolutely GDPR compliant and places your person’s private knowledge into their very own palms.
Exhausting for my thoughts to not go straight to Google Fonts. Bunny Fonts even says they’re a drop-in substitute for Google Fonts. It provides the identical open supply fonts and holds the identical API construction utilized by Google Fonts.
Now, I’m no GDPR knowledgeable however the potential of Google accumulating knowledge by its Fonts API is hardly unsurprising and even surprising. I used to be curious to take a look at Google’s privateness assertion for Fonts:
The Google Fonts API logs the main points of the HTTP request, which incorporates the timestamp, requested URL, and all HTTP headers (together with referrer and person agent string) supplied in reference to using our CSS API.
IP addresses usually are not logged.
Evaluating that to what Bunny Fonts says in its FAQ:
When utilizing Bunny Fonts, no private knowledge or logs are saved. All of the requests are processed fully anonymously.
Or maybe extra completely defined on the bunny.web GDPR assertion:
Normally, the information held and picked up by bunny.web doesn’t include any person identifiable knowledge. In some instances, which depend upon how you’re utilizing bunny.web and the way your web site is structured, private knowledge could also be collected out of your customers. Such info consists of internet hosting person uploaded content material in addition to private knowledge that is perhaps transmitted within the URL, Person-Agent or Referer headers of the HTTP protocol.
Sounds fairly comparable, proper? Nicely, it might not have been that comparable earlier this yr when a German courtroom dominated that embedded Google Fonts violated GDPR compliance. It seems that one line within the Google Fonts privateness assertion about IP addresses got here after the ruling, as soon as the API scrubbed them from collected knowledge.
So, do you want to ditch Google Fonts to be GDPR compliant? I’d think about not if IP addresses have been the only concern, however I’ll depart that for folk who know the principles to touch upon that.
However if you’re involved about Google Font’s GDPR compliance, I assume Bunny Fonts is value a glance! And seeing that it’s powered by bunny.web’s CDN companies, you need to get fairly comparable efficiency marks.
