If you submit your email address via the early access sign-up form, we store it to notify you when early access opens. That’s the only personal data we hold. Using the audit tool requires no sign-up and we collect nothing from your audit session.
Your Azure Cloud Shell access token is held in browser memory only — it is never sent to our servers. The Azure resource configuration data your audit fetches is never transmitted to us; your Excel report is generated entirely in your browser.
Your email address is retained until we send you the early access notification, or until you ask us to delete it — whichever comes first. Email [email protected] at any time to be removed.
Nobody. Your email is stored in Cloudflare D1 (our database host). We do not sell your data, share it with advertisers, or pass it to any third party. Cloudflare serves the site and processes request metadata as our infrastructure provider.
You can request a copy of any data we hold about you, ask us to correct it, or ask us to delete it at any time. Under the New Zealand Privacy Act 2020 you may also complain to the Privacy Commissioner if you feel we’ve handled your data incorrectly.
We use Cloudflare Web Analytics — privacy-preserving, no cookies, no fingerprinting, no individual tracking. We see only aggregate numbers (total page views, top pages, traffic by country). We set no cookies of any kind.
The plain English summary above is for readability only. The full legal policy below governs your use of the service.
AZCheck ("the Service") is operated by Lensory. For privacy enquiries, contact us at [email protected].
This Privacy Policy applies to personal information we collect when you use the Service, in accordance with the New Zealand Privacy Act 2020 and its Information Privacy Principles (IPPs).
If you submit your email address via the early access sign-up form on our homepage, we collect and store your email address only — used solely to notify you when early access to account features opens.
AZCheck does not require you to create an account or sign in to use the audit tool. During an audit session, we do not collect or store:
management.azure.comOur frontend is served by Cloudflare (United States, with a global edge network), which provides DNS, CDN, and Web Analytics for this site. As part of operating this infrastructure, Cloudflare processes request metadata at the network edge — including IP addresses, user agents, countries of origin, and request timestamps — for security, performance, and aggregate traffic measurement.
Cloudflare Web Analytics is enabled on this site. It is privacy-preserving by design: it does not use cookies, does not fingerprint individual users, and does not track users across sites. Lensory sees only aggregate metrics — total page views, approximate visitor counts, top pages, traffic by country — with no data attributable to individual visitors.
Early access email addresses are stored in Cloudflare D1, also operated by Cloudflare. All Cloudflare services are subject to Cloudflare’s Privacy Policy.
When you paste your Azure Cloud Shell access token into AZCheck:
management.azure.com — Microsoft’s official Azure Resource Manager API.AZCheck issues only HTTP GET requests against the Azure Resource Manager API. There are no PUT, POST, PATCH, or DELETE code paths in the application. Your existing Azure RBAC permissions also enforce this server-side — a Reader role on the resource group is sufficient and is all the tool requires.
Your audit report is generated entirely within your browser using a client-side JavaScript library (xlsx-js-style). The resource names, settings, and values used to build the report are never transmitted to our servers. The file is written directly to your device when you click export.
We do not set any cookies. We do not use localStorage or sessionStorage to store personal data or session state. No tracking cookies, advertising cookies, or third-party analytics scripts are present on this site.
The Service loads fonts from Google Fonts CDN and the xlsx-js-style library from jsDelivr CDN. These requests may expose your IP address to those providers as part of normal CDN operation, but no personal data about you is transmitted to them by AZCheck itself.
The Service is not directed at children under the age of 16. We do not knowingly collect personal information from anyone under 16. If we become aware that we have collected such information, we will delete it promptly.
Under the New Zealand Privacy Act 2020, you have the right to:
We will respond within 20 working days as required by the Privacy Act 2020. If you are unsatisfied with how we handle your request, you may lodge a complaint with the Office of the Privacy Commissioner of New Zealand at privacy.org.nz.
We may update this Privacy Policy from time to time. In particular, when account and audit history features are introduced, this policy will be updated to reflect the additional data collected at that time. When we make material changes, we will update the “Last updated” date at the top of this page.