Kipphard GDPR Web Fonts
Scan your site for external requests that send personal data (such as the visitor's IP address) to third parties — Google Fonts, Analytics, YouTube, Maps, Gravatar, reCAPTCHA and more. You get a risk-sorted report with concrete recommendations and can fix the most common issues right away. Not a cookie banner — simply fewer requests to third parties.
The problem
Since the Google Fonts ruling (Regional Court of Munich I), externally loaded fonts are a documented GDPR risk — and a wave of warning letters followed. But it's not just fonts: YouTube embeds, Google Maps, Analytics, Gravatar and reCAPTCHA quietly send your visitors' IP address to servers in the US. Most site owners don't even know which third-party services their site loads.
The solution
An honest scanner that inspects your pages’ rendered HTML and detects, classifies and risk-rates every external request. You see at a glance which services send data to third parties — with concrete recommendations. Fix common issues directly: remove Google Fonts, disable WordPress emojis, replace Gravatar locally. In Pro: host fonts locally automatically and rewrite embeds in a privacy-friendly way.
What it does
Scan & risk report
Inspects the rendered HTML and groups every external request by risk — with a recommendation per service.
Detects the key services
Google Fonts, Analytics, Tag Manager, Ads, YouTube, Vimeo, Maps, Gravatar, reCAPTCHA, Meta Pixel, Hotjar, CDNs.
Remove Google Fonts
Removes external Google Fonts requests from the front-end in one click.
Disable emojis & Gravatar
Disables the s.w.org emoji script and replaces Gravatar with a local placeholder — no request to third parties.
Host fonts locally (Pro)
Downloads Google Fonts and serves them locally — the fonts stay, without the external request.
Localize embeds (Pro)
YouTube (nocookie), Maps & Vimeo as click-to-load placeholders, plus a scheduled re-scan by email.
Pricing
Free
0 EUR / forever
- Scan & risk report of all external requests
- Remove Google Fonts
- Disable WordPress emojis
- Replace Gravatar locally
Pro
39 EUR / per year
- Host Google Fonts locally, automatically
- Localize embeds (YouTube, Maps, Vimeo)
- Scheduled re-scan + email report
- Priority support
Agency
99 EUR / per year
- Up to 10 websites
- Multisite support
- PDF compliance report
- Everything in Pro
Prices excl. VAT — added at checkout based on your country; businesses with a VAT ID pay reverse-charge · annual license · 7-day free trial, no payment details required.
FAQ
Is this a cookie banner?
No. A cookie banner asks for consent — this plugin reduces the external requests themselves, so less data goes to third parties in the first place. The two complement each other.
Does the scan really catch everything?
The scan inspects the delivered HTML. Requests loaded dynamically via JavaScript may not be detected — the report notes this. The plugin is not a substitute for legal advice.
Do I need technical knowledge?
No. Start the scan, read the report, switch off common issues. Hosting fonts locally takes one click in the Pro version.
What about the Google Fonts ruling?
The Regional Court of Munich I (case 3 O 17493/20) classified externally loaded Google Fonts as a GDPR violation. This plugin finds such requests and helps remove or self-host them.