Gdpr

Important DXPR Theme Update: Are You Risking a €250,000 Fine for Using Google Fonts on Your Website? and More

DXPR Marketing Team
November 14, 2023

We understand that website design isn't just about aesthetics; it's also about complying with privacy laws and regulations. Our latest DXPR Theme update takes care of both design and privacy concerns, including the following enhancements:

Better Privacy for Google Fonts

The old way of loading Google fonts is not compliant with privacy laws in Europe. In fact, German courts have ruled that loading fonts from Google CDN equates to leaking PII (Personally Identifiable Information), such as the user's IP address, and have fined websites €100 for loading Google fonts this way. One of our clients was recently threatened with legal action due to their use of Google CDN in DXPR Theme, which prompted us to take action.

The German court's ruling threatens a fine of €250,000.00 for each case of infringement or, alternatively, six months imprisonment if the site owner does not comply and continues to provide Google with IP addresses through their use of Google Fonts. At DXPR, we take data privacy very seriously, which is why we've modified our DXPR Theme to serve Google fonts from the local public file system, avoiding any leakage of PII.

Security Update or Compliance Update?

Technically, leaking PII is considered a security bug. Because DXPR Theme is hosted on Drupal.org, the Drupal security team governs what is and isn't considered a security update. The team decided they see no benefit in marking this update as such. However, as an Amsterdam-based company, we do consider this issue a security issue because EU law does consider leaking IP addresses to 3rd parties without user consent as a security problem. Therefore, we published the Google Fonts update on all branches of the DXPR Theme, including the Drupal 7 branch.

More Color Schemes and Enhanced Theming

In addition to better privacy for Google Fonts, our DXPR Theme update also includes eight new color schemes, including "dark mode" palettes. We've also enhanced the theming of tabs, tables, and collapsibles to work better with color palettes. This update ensures that our client's websites are visually appealing and offer a great user experience.

Default color scheme
Bright & Healthy color scheme
Powerful & Energetic color scheme
Dark Mode color scheme

Check out all color schemes on Drupal.org/project/dxpr_theme

Bug Fixes

Our DXPR Theme update also fixes several bugs, including the issue with vibrating pages when using a sticky header and page content height close to or equal to the viewport height. We've also fixed the issue with full-screen search and breadcrumb styling not working in DXPR Theme 5.x  (Bootstrap 5) sub-themes. Finally, we've improved the styling for threaded comments.

Risks of Using @font-your-face Module

It's important to note that if you're using the popular @font-your-face module to load Google fonts or other fonts from a CDN, you're still risking the fine. It’s essential to make sure your website is fully compliant with privacy laws and regulations, and our DXPR Theme update ensures just that.

About DXPR Theme

DXPR Theme is a low-code Drupal theme that allows you to customize over 200 settings for your website design. It offers mobile optimization and improved SEO to ensure your site is accessible on any device. Additionally, DXPR Theme comes with comprehensive documentation and customer support to help you every step of the way. Give DXPR Theme a try on our online admin demo site to simplify your Drupal website creation process and launch your ideal website.

Category

Drupal Themes

Author

DXPR Marketing Team