https://kokkeloren.no/
Severe privacy issues requiring immediate attention
40
Trackers Found
15
Cookies
121
Network Requests
9.2s
Load Time
Kokkeløren.no has implemented a consent management system but is fundamentally non-compliant with GDPR and ePrivacy regulations. The site loads 13 tracking systems before visitors can consent, sends personal data including email addresses to US servers without consent, and uses invasive technologies like session recording and fingerprinting that violate EU privacy law. Despite having Cookiebot installed, the consent mechanism is improperly configured and doesn't actually control the tracking systems.
Critical Actions:
Detail
Found 13 tracking cookie(s) and 1 tracking request(s) BEFORE any consent interaction. This is the most common GDPR violation.
Remediation
Configure Cookiebot to block ALL tracking cookies and scripts until consent is given. Enable 'auto-blocking' mode in Cookiebot settings and audit all third-party scripts to ensure they respect the consent state.
Legal Reference
GDPR Art. 7, ePrivacy Directive Art. 5(3)
Raw Data
{
"tracking_cookies_before_consent": 13,
"tracking_requests_before_consent": 1
}Detail
The consent banner has no visible 'reject' or 'decline' button. Under GDPR, rejecting cookies must be as easy as accepting them.
Remediation
Add a prominent 'Reject All' button to your Cookiebot consent banner. Configure it to be equally visible and accessible as the 'Accept' button. Test that clicking reject actually blocks all non-essential tracking.
Legal Reference
GDPR Art. 7, Planet49 ruling
Raw Data
{
"reject_button_found": false
}Detail
Found CookieBot CMP (CookieBot (Usercentrics)) loading from https://consent.cookiebot.com/722d4d5b-d6d6-4159-8ee4-e23e6a44b532/cc.js?renew=false&referer=kokkeloren.no&dnt=false&init=false. Purpose: Cookie consent management platform.
Remediation
Ensure Cookiebot is set to 'auto-blocking' mode. Review the configuration to make sure all tracking scripts are properly categorized and blocked until consent is given.
Legal Reference
GDPR Art. 25
Raw Data
{
"vendor": "CookieBot (Usercentrics)",
"purpose": "Cookie consent management platform",
"category": "consent",
"script_src": "https://consent.cookiebot.com/722d4d5b-d6d6-4159-8ee4-e23e6a44b532/cc.js?renew=false&referer=kokkeloren.no&dnt=false&init=false",
"gdpr_concern": "Consent management tool.",
"tracker_name": "CookieBot CMP",
"data_collected": [
"consent preferences"
]
}Detail
2 request(s) to consent.cookiebot.com (Cookie consent management platform).
Remediation
No action needed - these are normal operational requests for the consent management platform.
Raw Data
{
"domain": "consent.cookiebot.com",
"vendor": "CookieBot (Usercentrics)",
"purpose": "Cookie consent management platform",
"sample_urls": [
"https://consent.cookiebot.com/uc.js?cbid=722d4d5b-d6d6-4159-8ee4-e23e6a44b532&implementation=gtm&consentmode-dataredaction=dynamic",
"https://consent.cookiebot.com/722d4d5b-d6d6-4159-8ee4-e23e6a44b532/cc.js?renew=false&referer=kokkeloren.no&dnt=false&init=false"
],
"pii_detected": [],
"request_count": 2,
"resource_types": [
"script"
]
}Detail
Cookie consent banner powered by Custom consent banner (Custom) is present on the page.
Remediation
Focus on fixing the pre-consent tracking and adding a reject button rather than the banner display itself.
Raw Data
{
"cmp": "Custom consent banner",
"vendor": "Custom"
}Detail
4 request(s) to tr.snapchat.com (unknown) — PII detected: e in POST body.
Remediation
Remove Snapchat Pixel tracking code or implement consent management that blocks it until users opt-in. Consider server-side conversion tracking as a privacy-friendly alternative.
Legal Reference
GDPR Art. 6, GDPR Art. 7, Schrems II
Raw Data
{
"domain": "tr.snapchat.com",
"vendor": null,
"purpose": "unknown",
"sample_urls": [
"https://tr.snapchat.com/config/no/1d31ab17-414f-451d-8894-ae8da4c42eca.json?v=3.54.2-2603162155",
"https://tr.snapchat.com/cm/i?pid=1d31ab17-414f-451d-8894-ae8da4c42eca&u_scsid=008c28ad-43d1-4d00-a5de-73c3d8032ab2&u_sclid=b28194ef-06d2-4ef1-9741-5fcbc6865390",
"https://tr.snapchat.com/p",
"https://tr.snapchat.com/p"
],
"pii_detected": [
"e in POST body"
],
"request_count": 4,
"resource_types": [
"document",
"fetch",
"ping"
]
}Detail
1 request(s) to track-eu1.hubspot.com (unknown) — PII detected: ln (URL parameter).
Remediation
Configure HubSpot to respect consent choices and ensure tracking only starts after user consent. Review data processing agreement with HubSpot for GDPR compliance.
Legal Reference
GDPR Art. 6, GDPR Art. 13
Raw Data
{
"domain": "track-eu1.hubspot.com",
"vendor": null,
"purpose": "unknown",
"sample_urls": [
"https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1920x1080&cd=24-bit&cs=UTF-8&ln=nb-no&v=1.1&a=139580736&pu=https%3A%2F%2Fkokkeloren.no%2F&t=Matkasse+fra+Kokkel%C3%B8ren&cts=1773752584905&vi=1ac4a1efd46"
],
"pii_detected": [
"ln (URL parameter)"
],
"request_count": 1,
"resource_types": [
"image"
]
}Detail
Third-party cookie from sc-static.net, expires: 0 days, purpose: Unrecognized cookie.
Remediation
Identify what sc-static.net is used for on your site. If it's not essential for functionality, remove it or ensure it only loads with consent.
Legal Reference
GDPR Art. 13, ePrivacy Directive Art. 5(3)
Raw Data
{
"expiry": "0 days",
"secure": true,
"vendor": "unknown",
"purpose": "unknown",
"http_only": false,
"same_site": "None",
"cookie_name": "X-AB",
"cookie_domain": "sc-static.net",
"is_long_lived": false,
"is_third_party": true
}Detail
First-party cookie from kokkeloren.no, expires: 1 years, purpose: Snapchat conversion tracking cookie.. Vendor: Snap Inc..
Remediation
Ensure this cookie only loads after explicit consent to marketing cookies. Configure your consent platform to block Snapchat tracking by default.
Legal Reference
ePrivacy Directive Art. 5(3), GDPR Art. 7
Raw Data
{
"expiry": "1 years",
"secure": false,
"vendor": "Snap Inc.",
"purpose": "marketing",
"http_only": false,
"same_site": "Lax",
"cookie_name": "_scid",
"cookie_domain": "kokkeloren.no",
"is_long_lived": true,
"is_third_party": false
}Detail
First-party cookie from kokkeloren.no, expires: 1 years, purpose: Snapchat conversion tracking cookie (restricted).. Vendor: Snap Inc..
Remediation
Ensure this cookie only loads after explicit consent to marketing cookies. Configure your consent platform to block all Snapchat tracking by default.
Legal Reference
ePrivacy Directive Art. 5(3), GDPR Art. 7
Raw Data
{
"expiry": "1 years",
"secure": false,
"vendor": "Snap Inc.",
"purpose": "marketing",
"http_only": false,
"same_site": "Lax",
"cookie_name": "_scid_r",
"cookie_domain": "kokkeloren.no",
"is_long_lived": true,
"is_third_party": false
}Raw Data
{
"expiry": "session",
"secure": true,
"vendor": "unknown",
"purpose": "unknown",
"http_only": true,
"same_site": "None",
"cookie_name": "_cfuvid",
"cookie_domain": "hubspot.com",
"is_long_lived": false,
"is_third_party": true
}Detail
First-party cookie from kokkeloren.no, expires: 5 months, purpose: HubSpot visitor tracking cookie.. Vendor: HubSpot.
Remediation
Configure HubSpot to only track after consent. Consider reducing cookie lifetime or using privacy-friendly analytics alternatives like Plausible or Fathom.
Legal Reference
GDPR Art. 6, ePrivacy Directive Art. 5(3)
Raw Data
{
"expiry": "5 months",
"secure": false,
"vendor": "HubSpot",
"purpose": "analytics",
"http_only": false,
"same_site": "Lax",
"cookie_name": "__hstc",
"cookie_domain": "kokkeloren.no",
"is_long_lived": false,
"is_third_party": false
}Detail
First-party cookie from kokkeloren.no, expires: 5 months, purpose: HubSpot user token for visitor identification.. Vendor: HubSpot.
Remediation
Ensure HubSpot visitor identification only starts after consent. Consider server-side tracking or privacy-friendly alternatives.
Legal Reference
GDPR Art. 6, ePrivacy Directive Art. 5(3)
Raw Data
{
"expiry": "5 months",
"secure": false,
"vendor": "HubSpot",
"purpose": "analytics",
"http_only": false,
"same_site": "Lax",
"cookie_name": "hubspotutk",
"cookie_domain": "kokkeloren.no",
"is_long_lived": false,
"is_third_party": false
}Detail
First-party cookie from kokkeloren.no, expires: session, purpose: HubSpot session reset detection.. Vendor: HubSpot.
Remediation
This appears to be functional analytics. Ensure it only loads after consent if used for marketing purposes.
Legal Reference
ePrivacy Directive Art. 5(3)
Raw Data
{
"expiry": "session",
"secure": false,
"vendor": "HubSpot",
"purpose": "analytics",
"http_only": false,
"same_site": "Lax",
"cookie_name": "__hssrc",
"cookie_domain": "kokkeloren.no",
"is_long_lived": false,
"is_third_party": false
}Detail
First-party cookie from kokkeloren.no, expires: 0 days, purpose: HubSpot session tracking.. Vendor: HubSpot.
Remediation
Ensure session tracking only starts after consent. Consider if this level of detail is necessary for your business needs.
Legal Reference
ePrivacy Directive Art. 5(3)
Raw Data
{
"expiry": "0 days",
"secure": false,
"vendor": "HubSpot",
"purpose": "analytics",
"http_only": false,
"same_site": "Lax",
"cookie_name": "__hssc",
"cookie_domain": "kokkeloren.no",
"is_long_lived": false,
"is_third_party": false
}Raw Data
{
"expiry": "1 years",
"secure": true,
"vendor": "unknown",
"purpose": "unknown",
"http_only": true,
"same_site": "Lax",
"cookie_name": "__client",
"cookie_domain": "clerk.kokkeloren.no",
"is_long_lived": true,
"is_third_party": false
}Raw Data
{
"expiry": "1 years",
"secure": true,
"vendor": "unknown",
"purpose": "unknown",
"http_only": false,
"same_site": "Lax",
"cookie_name": "__client_uat",
"cookie_domain": "kokkeloren.no",
"is_long_lived": true,
"is_third_party": false
}Raw Data
{
"expiry": "1 years",
"secure": true,
"vendor": "unknown",
"purpose": "unknown",
"http_only": false,
"same_site": "Lax",
"cookie_name": "__client_uat_rj7vSR9-",
"cookie_domain": "kokkeloren.no",
"is_long_lived": true,
"is_third_party": false
}Detail
First-party cookie from clerk.kokkeloren.no, expires: session, purpose: Unrecognized cookie.
Remediation
Contact Clerk support to understand this cookie's purpose and ensure it's only used for essential authentication functions.
Raw Data
{
"expiry": "session",
"secure": true,
"vendor": "unknown",
"purpose": "unknown",
"http_only": true,
"same_site": "None",
"cookie_name": "_cfuvid",
"cookie_domain": "clerk.kokkeloren.no",
"is_long_lived": false,
"is_third_party": false
}Detail
First-party cookie from kokkeloren.no, expires: 6 days, purpose: Unrecognized cookie.
Remediation
Identify this cookie's purpose and ensure it only loads with marketing consent if it's for tracking purposes.
Legal Reference
ePrivacy Directive Art. 5(3)
Raw Data
{
"expiry": "6 days",
"secure": false,
"vendor": "unknown",
"purpose": "unknown",
"http_only": false,
"same_site": "Lax",
"cookie_name": "_ScCbts",
"cookie_domain": "kokkeloren.no",
"is_long_lived": false,
"is_third_party": false
}Detail
4 request(s) to policy.app.cookieinformation.com (unknown).
Remediation
No action needed - this is your Cookie Information consent platform functioning normally.
Raw Data
{
"domain": "policy.app.cookieinformation.com",
"vendor": null,
"purpose": "unknown",
"sample_urls": [
"https://policy.app.cookieinformation.com/uc.js",
"https://policy.app.cookieinformation.com/cookie-data/kokkeloren.no/cabl.json",
"https://policy.app.cookieinformation.com/cookiesharingiframe.html",
"https://policy.app.cookieinformation.com/latest/66273/en.js"
],
"pii_detected": [],
"request_count": 4,
"resource_types": [
"xhr",
"script",
"document"
]
}Detail
2 request(s) to consentcdn.cookiebot.com (unknown).
Remediation
Review why two consent platforms are loading. Remove unused consent management tools to avoid conflicts and improve performance.
Raw Data
{
"domain": "consentcdn.cookiebot.com",
"vendor": null,
"purpose": "unknown",
"sample_urls": [
"https://consentcdn.cookiebot.com/sdk/bc-v4.min.html",
"https://consentcdn.cookiebot.com/consentconfig/722d4d5b-d6d6-4159-8ee4-e23e6a44b532/settings.json"
],
"pii_detected": [],
"request_count": 2,
"resource_types": [
"xhr",
"document"
]
}Detail
1 request(s) to js-eu1.hs-scripts.com (unknown).
Remediation
Ensure this script respects consent settings and only loads tracking features after user opt-in.
Raw Data
{
"domain": "js-eu1.hs-scripts.com",
"vendor": null,
"purpose": "unknown",
"sample_urls": [
"https://js-eu1.hs-scripts.com/139580736.js"
],
"pii_detected": [],
"request_count": 1,
"resource_types": [
"script"
]
}Detail
2 request(s) to kokkeloren-snack-runner.kokkeloren.workers.dev (unknown).
Remediation
No privacy concern - this appears to be your own backend service. Ensure user data is handled securely in your Workers scripts.
Raw Data
{
"domain": "kokkeloren-snack-runner.kokkeloren.workers.dev",
"vendor": null,
"purpose": "unknown",
"sample_urls": [
"https://kokkeloren-snack-runner.kokkeloren.workers.dev/user/subscription",
"https://kokkeloren-snack-runner.kokkeloren.workers.dev/user/subscription"
],
"pii_detected": [],
"request_count": 2,
"resource_types": [
"fetch"
]
}Detail
1 request(s) to js-eu1.hs-banner.com (unknown).
Remediation
Ensure any marketing banners or popups only display after consent. Review what banners are being shown to visitors.
Raw Data
{
"domain": "js-eu1.hs-banner.com",
"vendor": null,
"purpose": "unknown",
"sample_urls": [
"https://js-eu1.hs-banner.com/v2/139580736/banner.js"
],
"pii_detected": [],
"request_count": 1,
"resource_types": [
"script"
]
}Detail
1 request(s) to js-eu1.hs-analytics.net (unknown).
Remediation
Ensure HubSpot analytics respects consent preferences and only tracks consenting visitors.
Raw Data
{
"domain": "js-eu1.hs-analytics.net",
"vendor": null,
"purpose": "unknown",
"sample_urls": [
"https://js-eu1.hs-analytics.net/analytics/1773741600000/139580736.js"
],
"pii_detected": [],
"request_count": 1,
"resource_types": [
"script"
]
}Detail
1 request(s) to tr6.snapchat.com (unknown).
Remediation
This is part of the Snapchat Pixel implementation. Address this when fixing the main Snapchat tracking issues above.
Legal Reference
GDPR Art. 6
Raw Data
{
"domain": "tr6.snapchat.com",
"vendor": null,
"purpose": "unknown",
"sample_urls": [
"https://tr6.snapchat.com/p"
],
"pii_detected": [],
"request_count": 1,
"resource_types": [
"ping"
]
}Detail
Found Google Ads (via GTM) reference in GTM container GTM-N8S3TGCP. This tracker may fire based on container triggers.
Remediation
Remove Google Ads tracking from Google Tag Manager or ensure it only fires after explicit consent. Consider contextual advertising alternatives like Carbon Ads or EthicalAds that don't track individual users. If remarketing is essential, implement proper consent management that blocks all Google Ads scripts until users explicitly opt-in.
Legal Reference
GDPR Art. 6 (lawful basis), ePrivacy Directive Art. 5(3), CNIL v. Google (2022)
Raw Data
{
"via": "raw_js_scan",
"container_id": "GTM-N8S3TGCP",
"detected_pattern": "googleadservices\\.com"
}Detail
Found DoubleClick (via GTM) reference in GTM container GTM-N8S3TGCP. This tracker may fire based on container triggers.
Remediation
Remove DoubleClick tracking from Google Tag Manager immediately. If display advertising is needed, switch to contextual advertising networks that don't track users, or implement a robust consent system that only loads DoubleClick after explicit user consent. Consider privacy-focused alternatives like Carbon Ads for tech audiences.
Legal Reference
GDPR Art. 5(1)(a) (fairness), ePrivacy Directive Art. 5(3), Belgian DPA v. Meta (2023)
Raw Data
{
"via": "raw_js_scan",
"container_id": "GTM-N8S3TGCP",
"detected_pattern": "doubleclick\\.net"
}Detail
1 request(s) to pagead2.googlesyndication.com (Display advertising network).
Remediation
Audit your Google Tag Manager setup to identify why pagead2.googlesyndication.com requests are firing. If this is for conversion tracking, ensure it only runs after consent. The 'npa=1' parameter indicates non-personalized ads, which is better for privacy but still requires consent for data collection.
Legal Reference
ePrivacy Directive Art. 5(3), GDPR Art. 13 (transparency)
Raw Data
{
"domain": "pagead2.googlesyndication.com",
"vendor": "Google",
"purpose": "Display advertising network",
"sample_urls": [
"https://pagead2.googlesyndication.com/ccm/collect?frm=0&ae=g&en=page_view&dl=https%3A%2F%2Fkokkeloren.no%2F&scrsrc=sgtm.kokkeloren.no&rnd=1516137237.1773752586&navt=n&npa=1&us_privacy=1---&ep.ads_data"
],
"pii_detected": [],
"request_count": 1,
"resource_types": [
"fetch"
]
}Detail
2 request(s) to o463742.ingest.us.sentry.io (Error monitoring and performance tracking) — PII detected: name in POST body, ln in POST body.
Remediation
Configure Sentry to exclude PII from error reports using beforeSend filtering, or switch to EU-hosted Sentry instance. Review what personal data is being captured in error contexts.
Legal Reference
GDPR Art. 6 (lawful basis), Schrems II (US data transfers)
Raw Data
{
"domain": "o463742.ingest.us.sentry.io",
"vendor": "Sentry",
"purpose": "Error monitoring and performance tracking",
"sample_urls": [
"https://o463742.ingest.us.sentry.io/api/4508449385807872/envelope/?sentry_version=7&sentry_key=6324798c673cf01315a26377634bb817&sentry_client=sentry.javascript.nextjs%2F9.10.0",
"https://o463742.ingest.us.sentry.io/api/4508449385807872/envelope/?sentry_version=7&sentry_key=6324798c673cf01315a26377634bb817&sentry_client=sentry.javascript.nextjs%2F9.10.0"
],
"pii_detected": [
"name in POST body",
"ln in POST body"
],
"request_count": 2,
"resource_types": [
"fetch"
]
}Detail
Found Google Tag Manager (Google) loading from https://www.googletagmanager.com/gtm.js?id=GTM-N8S3TGCP>g_health=1. Purpose: Tag management system that can load any tracking script.
Remediation
Audit all GTM tags to ensure compliance. Consider server-side GTM or privacy-focused tag management like Piwik PRO Tag Manager hosted in EU.
Legal Reference
GDPR Art. 28 (processor obligations), Schrems II
Raw Data
{
"vendor": "Google",
"purpose": "Tag management system that can load any tracking script",
"category": "analytics",
"script_src": "https://www.googletagmanager.com/gtm.js?id=GTM-N8S3TGCP>g_health=1",
"gdpr_concern": "Container may include any number of tracking tags, often without the site owner's full awareness.",
"tracker_name": "Google Tag Manager",
"data_collected": [
"depends on configured tags"
]
}Detail
GTM container GTM-N8S3TGCP is loaded on this page. It acts as a hub that can load any number of tracking tags.
Remediation
Document all active GTM tags, ensure each has proper consent controls, and implement consent mode v2. Review tag firing rules to prevent pre-consent activation.
Legal Reference
GDPR Art. 5(1)(a) (transparency), GDPR Art. 30 (records)
Raw Data
{
"container_id": "GTM-N8S3TGCP"
}Detail
First-party cookie from clerk.kokkeloren.no, expires: 0 days, purpose: Cloudflare bot management cookie for identifying legitimate traffic.. Vendor: Cloudflare.
Remediation
Investigate why HubSpot connections are occurring. If using HubSpot services, ensure proper data processing agreement and consent mechanisms are in place.
Legal Reference
GDPR Art. 28 (processor agreements)
Raw Data
{
"expiry": "0 days",
"secure": true,
"vendor": "Cloudflare",
"purpose": "necessary",
"http_only": true,
"same_site": "None",
"cookie_name": "__cf_bm",
"cookie_domain": "clerk.kokkeloren.no",
"is_long_lived": false,
"is_third_party": false
}Raw Data
{
"expiry": "0 days",
"secure": true,
"vendor": "Cloudflare",
"purpose": "necessary",
"http_only": true,
"same_site": "None",
"cookie_name": "__cf_bm",
"cookie_domain": "hubspot.com",
"is_long_lived": false,
"is_third_party": true
}Detail
1 request(s) to www.googletagmanager.com (Tag management system that can load any tracking script).
Remediation
This request is part of GTM loading - address through GTM compliance measures above. Consider self-hosting GTM or switching to privacy-focused alternatives.
Legal Reference
ePrivacy Directive Art. 5(3)
Raw Data
{
"domain": "www.googletagmanager.com",
"vendor": "Google",
"purpose": "Tag management system that can load any tracking script",
"sample_urls": [
"https://www.googletagmanager.com/gtm.js?id=GTM-N8S3TGCP>g_health=1"
],
"pii_detected": [],
"request_count": 1,
"resource_types": [
"script"
]
}Detail
Found Microsoft Clarity (via GTM) reference in GTM container GTM-N8S3TGCP. This tracker may fire based on container triggers.
Remediation
Remove Microsoft Clarity from your Google Tag Manager or ensure it only loads AFTER explicit consent for session recording. Consider if you actually need session recordings - most Norwegian food delivery sites operate successfully without them. If recordings are essential, use privacy-friendly alternatives like self-hosted solutions with automatic PII masking.
Legal Reference
GDPR Art. 6 (lawful basis), Art. 7 (consent), ePrivacy Directive Art. 5(3)
Raw Data
{
"via": "raw_js_scan",
"container_id": "GTM-N8S3TGCP",
"detected_pattern": "clarity\\.ms"
}Detail
Found Snapchat Pixel (Snap Inc.) loading from https://sc-static.net/scevent.min.js. Purpose: Conversion tracking for Snapchat ads.
Remediation
Remove the Snapchat Pixel entirely, or implement proper consent management that only loads the pixel after users explicitly consent to advertising cookies. Consider server-side conversion tracking that doesn't expose visitor data to third parties.
Legal Reference
GDPR Art. 6 (lawful basis), ePrivacy Directive Art. 5(3), Schrems II
Raw Data
{
"vendor": "Snap Inc.",
"purpose": "Conversion tracking for Snapchat ads",
"category": "advertising",
"script_src": "https://sc-static.net/scevent.min.js",
"gdpr_concern": "US data transfer for ad tracking.",
"tracker_name": "Snapchat Pixel",
"data_collected": [
"conversions",
"page views"
]
}Detail
1 request(s) to sc-static.net (Conversion tracking for Snapchat ads).
Remediation
Block these requests until proper consent is obtained. Implement a consent management platform that prevents the Snapchat script from loading until users accept advertising cookies. Alternative: Use first-party tracking methods that don't involve third-party data sharing.
Legal Reference
GDPR Art. 7 (consent conditions), ePrivacy Directive Art. 5(3)
Raw Data
{
"domain": "sc-static.net",
"vendor": "Snap Inc.",
"purpose": "Conversion tracking for Snapchat ads",
"sample_urls": [
"https://sc-static.net/scevent.min.js"
],
"pii_detected": [],
"request_count": 1,
"resource_types": [
"script"
]
}Detail
Tests which fonts are installed by measuring text rendering differences. Attributed to: https://kokkeloren.no/_next/static/chunks/2d1400c4-80e8491da2619b0b.js
Remediation
Remove font fingerprinting code from your Next.js application. If you need font detection for legitimate purposes (like ensuring proper display), use feature detection that doesn't create unique identifiers, or implement it only after obtaining explicit user consent.
Legal Reference
ePrivacy Directive Art. 5(3), GDPR Art. 6
Raw Data
{
"technique": "font",
"match_count": 2,
"source_script": "https://kokkeloren.no/_next/static/chunks/2d1400c4-80e8491da2619b0b.js",
"patterns_matched": [
"measureText\\s*\\(.*?\\).*?width",
"fontFamily.*?(?:serif|sans-serif|monospace).*?fontFamily"
]
}