Skip to content

PyPI Privacy Notice

Last updated December 16, 2025

This privacy notice describes what personal information the Python Software Foundation (“PSF”) collects from user of the Python Package Index ("PyPI"), when and how we share that information, and why. This notice is an addendum to the PSF Privacy Notice, which also applies to users of PyPI.

1. INFORMATION WE COLLECT

PSF may collect the following information from users of PyPI:

  • Email addresses
  • Display names
  • IP addresses
  • HTTP User-Agent
  • Company, firm, organization, agency, or other entity information
  • Billing and payment information

We use analytics.python.org to aggregate traffic analytics. No personal information is collected. We self-host Plausible Community Edition to collect some anonymous usage data for statistical purposes. The goal is to track overall trends in our website traffic, it is not to track individual visitors. All the data is in aggregate only. No personal data is collected. Data collected includes referral sources, top pages, visit duration, information from the devices (device type, operating system, country and browser) used during the visit and more.

2. USE OF THIRD PARTY SERVICES

The PSF uses some third party services to assist with operating online services supporting PyPI. Specifically, we use:

  • Amazon Web Services (AWS) to host the PyPI website and services. We store your information on AWS servers. Their use of this information is subject to the Data Processing Addendum between AWS and PSF and the AWS Privacy Notice (https://aws.amazon.com/privacy/).]

  • Fastly to host the PyPI website and services. Your information transits their servers. Their use of this information is subject to the Data Processing Terms between Fastly and PSF and the Fastly Privacy Policy.

  • Sentry to aggregate error information from the PyPI website and services. Some personal information may be stored on their servers. Their use of this information is subject to the Data Processing Addendum between Sentry and PSF and the PSF and the Sentry Privacy Policy.

  • Datadog to aggregate metrics and application performance data. Some personal information may be stored on their servers. Their use of this information is subject to the Data Processing Addendum between Datadog and PSF and the PSF and Datadog Privacy Policy.

  • Stripe to process payments. Your billing information is stored on their servers and we process your payments using their services. Their use of this information is subject to the Data Processing Agreement between Stripe and PSF and the Stripe Privacy Policy (https://stripe.com/privacy).

  • Google Cloud to operate our linehaul service, which provides our BigQuery public dataset. No personal information is collected. Request time, Request URL, TLS protocol and cipher, HTTP User-Agent, and approximate country of origin are sent to their servers. User-Agents are stored in aggregate form only. Their use of this information is subject to the Cloud Data Processing Addendum between Google and the PSF and the Google Cloud Privacy Notice.

3. HOW DO WE USE THE PERSONAL INFORMATION WE COLLECT

We use the information you provide in the following ways, in addition to the uses described in the PSF Privacy Notice:

  • To provide you with information about activites relevant to you on PyPI
  • To administer and improve the PyPI website and services
  • To process payments
  • To provide the PyPI BigQuery Public Dataset