Cookies and local storage used by auth0/lock/hosted login

I am looking for privacy/stored data documentation related to auth0, lock.js and hosted login. This should be similar to the documentation at that covers auth0 web presence.

Many companies (think privacy laws in many EU countries, cookie banners etc.) are required to provide such information to their users.

By looking at the stored data it seems that there are nonces in the local storage and some encoded data or id in a cookie but some official guidance would be nice.