Privacy policy

Last updated: 2026-06-03.

What we collect

• Account data. Username, email, optional display name. Email is used only for account-related messages and verification.
• API keys. We store a SHA-256 hash of each key — not the key itself.
• Package metadata. Name, version, architecture, checksum, upload timestamp, download counters.
• Access logs. IP address, user agent, requested path, status code. Retained for 30 days for abuse-prevention and performance monitoring, then aggregated and discarded.

What we don't do

• We don't run third-party ad or tracking pixels.
• We don't sell or share your data with marketers.
• The CLI does not phone home. Pulls, pushes, and logins contact the registry directly and nothing else.

Your rights

You can request an export or deletion of your account and its data at any time by emailing privacy@niso.online. We aim to respond within two business days.

Cookies

We use a single first-party cookie — niso_session — to keep you signed in. No analytics cookies unless you explicitly opt in.