Cookie Policy
Guard.ch sets only strictly necessary cookies and browser storage items. There is no cookie banner because nothing on this site requires consent under the ePrivacy Directive. This page documents what is stored, why, and for how long.
1. Introduction
This Cookie Policy explains how Zesiger.net Individual Enterprise ("we", "us") uses cookies and equivalent browser storage technologies (localStorage, sessionStorage) on the Guard.ch website and its session viewer at guard.ch.
It complements our Privacy Policy, which describes the broader processing of personal data, including cookies captured inside the isolated remote browser session that you analyze through Guard. Those captured cookies belong to the websites you visit inside the remote browser; they are not set on guard.ch itself and are covered by the Privacy Policy, not by this document.
2. Legal basis
All items documented below are strictly necessary to deliver a service that you have explicitly requested (loading the site, authenticating, and viewing your own remote browser session). We rely on two converging legal bases.
- ePrivacy Directive, Article 5(3):the storage of, or access to, information on the user's terminal equipment does not require consent where it is "strictly necessary in order to provide an information society service explicitly requested by the subscriber or user". Each item below falls within that exemption.
- GDPR, Article 6(1)(f): processing is necessary for the purposes of the legitimate interests pursued by the controller, namely operating the service, authenticating users, and protecting the platform against abuse. We have weighed these interests against your rights and freedoms and found no override, as the items are first-party, short-purpose, and carry no profiling or cross-site tracking.
Because no non-essential cookies are used, no consent is collected and no consent banner is shown.
3. What we use
The following first-party items may be stored in your browser when you use Guard.ch. All are required for the service to function.
| Name | Type | Purpose | Lifetime | Strictly necessary? |
|---|---|---|---|---|
auth | localStorage | Opaque first-party authentication token issued after a successful login, passkey verification, or anonymous-session creation. Sent with authenticated backend requests to identify your session. | Until you log out, clear browser storage, or the token is revoked server-side. | Yes |
vm | localStorage | Workspace / VM identifier that binds your tab to a specific remote browser session so the viewer can reconnect after navigation or reload. | Until you log out, start a new session, or clear browser storage. | Yes |
analyze_target_<vmId> | localStorage | Stores the analysis target URL associated with a given workspace so the analyze view can restore context if the page reloads. | Until you clear browser storage or the related workspace is removed. | Yes |
<origin>_scaling_dpi | localStorage | Remembers your preferred display scaling (DPI) for the session viewer. | Until you clear browser storage. | Yes (functional preference required to render the viewer correctly). |
<origin>_use_browser_cursors | localStorage | Remembers whether to render native browser cursors inside the viewer. | Until you clear browser storage. | Yes (functional preference). |
| Session cookie | Cookie (first-party, HttpOnly where applicable) | Any first-party session cookie set by our backend on the .guard.ch domain to maintain an authenticated request context, enforce rate limits, and protect against CSRF. | Session-bound; expires when the session ends or is revoked. | Yes |
Keys prefixed with <origin>_ are namespaced per origin by the viewer code, so the exact key string in your browser will include a sanitized form of the page URL.
4. What we do not use
We do not use analytics cookies, marketing or advertising cookies, retargeting pixels, social plugins, session replay on our own marketing site, or any third-party tracking scripts. We do not perform browser fingerprinting on guard.ch for identification or analytics purposes, and we do not share identifiers with ad networks or data brokers. Cookies and storage items captured inside the isolated remote browser session you operate through Guard belong to the sites you visit there and are governed by our Privacy Policy, not by this Cookie Policy.
5. How to refuse or clear
Because everything we store is strictly necessary, refusing it will break the service: you will not be able to authenticate or load a remote browser session. With that caveat, you remain fully in control of your local storage at all times.
- Log out from the account menu. This removes the
authtoken and ends your server-side session. - Clear site datain your browser's settings (commonly under Privacy or Site Settings). This removes all localStorage entries and cookies for guard.ch.
- Use private or incognito mode to prevent persistence across sessions; storage is cleared when the private window closes.
- Block cookies for guard.chvia your browser's per-site controls. The site will not be functional in that state.
Major browsers document these controls under names such as "Cookies and site data", "Clear browsing data", or "Manage website data".
6. Changes to this policy
We may update this Cookie Policy from time to time, for example when we add a new strictly necessary storage item or change how an existing one works. The "Last updated" date at the top of the page reflects the most recent revision. Where changes are material, we will note them visibly on the site before they take effect. Prior versions are kept on request.
7. Contact
Questions about this Cookie Policy or how we handle cookies and browser storage can be addressed to:
Zesiger.net Individual Enterprise
Mügeri 340, 5046 Schmiedrued, Switzerland
privacy@guard.ch
See also our Privacy Policy and Imprint.