Transparency

How Local Storage Works

No cookies. No tracking. Opt-in only. Off by default. Stays in your browser
In plain English
The short version — what this is and what it isn't
What it is

An optional feature that saves your last completed audit snapshot directly inside your own browser — so you can compare it against future audits to spot configuration changes. It is off by default and you control it entirely.

What it is not

It is not a cookie. It is not a tracking mechanism. It is not analytics. It is not sent to Lensory, Azure, or any third party. The data never leaves your device.

Who can see it

Only you, in this browser on this device. The data is stored under the azcheck.dev origin, so only AZCheck can read it — no other website can access it.

How to turn it off or clear it

Toggle it off in Settings (⚙ button in the app header) at any time. You can also clear it directly in your browser's developer tools under Application → Local Storage → azcheck.dev.

This feature is unrelated to cookies. AZCheck sets no cookies of any kind — not for this feature, not for anything else.

01

What is browser local storage?

Local storage is a web browser feature that allows a website to save small amounts of data directly on your device — in your browser's own storage, not on any server. It was designed by browser vendors as a way for web applications to remember state between sessions, without needing a backend database.

Every major browser (Chrome, Firefox, Edge, Safari) implements local storage. It is completely separate from cookies. Data stored here:

Is stored entirely on your device, inside your browser's application storage
Is only accessible to pages on the same origin (azcheck.dev) — no other website can read it
Is never automatically sent to any server with network requests (unlike cookies)
Persists until you clear it or your browser storage quota is reached

Cookies, by contrast, are automatically included in every HTTP request your browser makes to the server — which is why they are commonly used for tracking. Local storage does not work this way and cannot be used for cross-site tracking.

02

Exactly what AZCheck stores — and what it does not

If you enable local storage in Settings, AZCheck writes exactly two keys to your browser's local storage for the azcheck.dev origin:

KeyWhat it containsPurpose
azcheck_storage_pref The string "true" or "false" Remembers whether you have enabled or disabled local storage, so the toggle reflects your last choice when you reopen the app.
azcheck_last_audit A JSON object containing: generation timestamp, subscription name, resource group name, audit mode, and the array of setting rows (resource name, setting name, value). See below for the exact schema. Stores the most recent completed audit snapshot so you can compare it against a future audit to detect configuration drift.

Audit snapshot schema

The azcheck_last_audit value is a JSON object with this structure:

{
  "version": 1,
  "generated": "2026-04-30T12:34:56.000Z",
  "subscription": "My Azure Subscription",
  "resourceGroup": "my-prod-rg",
  "mode": "discovery",
  "rows": [
    {
      "resource": "my-storage-account",
      "setting": "HTTPS Traffic Only",
      "value": "true",
      "type": "Storage Account",
      "rawType": "microsoft.storage/storageaccounts",
      "isErr": false,
      "comment": ""
    },
    ...
  ]
}

What is NOT stored

Your Azure access token — this is never stored anywhere, not even in memory beyond the current session
Your email address, name, or any personal identity information
Azure credentials, secrets, keys, or connection strings
Cookies, fingerprinting data, or any tracking identifiers
Any data that is sent to Lensory servers — the snapshot stays entirely in your browser
03

How drift detection uses local storage

Drift detection lets you compare two audit snapshots to see what changed in your Azure resource configuration between audits. Local storage is one of two ways to load a previous snapshot for comparison:

1
You run an audit. When it completes, AZCheck saves the current snapshot to azcheck_last_audit (replacing any previous snapshot).
2
You close the tab and come back later. Next time you run a new audit, the previous snapshot is still in local storage from your last session.
3
On the done screen, click "Compare (stored)". AZCheck loads the previous snapshot and shows you a diff — every setting that changed, was added, or was removed.
4
The comparison happens entirely in your browser. No data is sent anywhere. The diff is computed in JavaScript and displayed on screen.

You can also use the "Save Snapshot" button to download a named JSON file (e.g., AZCheck_my-rg_2026-04-30_snapshot.json) and the "Compare (file)" button to load any previously saved file for comparison — no local storage required.

✓ Which approach is right for you?

Use local storage if you audit the same resource group regularly and want effortless one-click comparison across sessions. Use JSON file download/upload if you want to keep a named archive of audits over time, share snapshots with colleagues, or prefer not to use browser storage at all.

04

Enabling and disabling the feature

Local storage is off by default. To enable it, click the ⚙ Settings button in the top-right of the audit app and use the toggle:

Browser Local Storage
Auto-save last audit snapshot for drift detection

Turning the toggle off immediately stops any further writes to local storage. To remove data that has already been stored, you can:

A
Turn off the toggle in Settings. New audits will no longer be saved. Existing data stays until you clear it.
B
Clear via browser DevTools. Open DevTools (F12) → Application tab → Local Storage → https://azcheck.dev → right-click azcheck_last_audit → Delete.
C
Clear all site data. Browser Settings → Privacy → Clear browsing data → Cached images and files / Site data → Clear for azcheck.dev.
05

Why this is not a cookie and cannot track you

This is a question worth answering directly, because "local storage" and "cookies" are often lumped together in discussions about browser privacy.

Key differences

Not sent with network requests. Cookies are automatically attached to every HTTP request your browser makes to the server — this is how they enable tracking across sessions and sites. Local storage data is never sent automatically. JavaScript can read it, but only JavaScript running on azcheck.dev.
Origin-isolated. Local storage is scoped to a single origin. Only pages served from azcheck.dev can read or write AZCheck's local storage. No other website can see it, read it, or interact with it in any way.
No third-party access. Cookies set with SameSite=None can be read by third-party scripts embedded on a page. Local storage has no equivalent mechanism — it is always same-origin only.
AZCheck sets zero cookies. We do not set any cookies — not for this feature, not for analytics, not for sessions. Cloudflare Web Analytics (the only analytics we use) is cookie-free by design.
✕ What local storage cannot do

Local storage cannot identify you, track you across websites, or be used to build a profile of your behaviour. It cannot be read by Lensory's servers. It cannot be read by any third party. It contains only the data that you chose to store there by enabling this feature.

06

Questions?

If you have questions about how AZCheck handles data, including this feature, contact us at privacy@lensory.io. See also our Privacy Policy and Terms of Use.