Terms of Service

Last updated: June 1, 2025 · Effective immediately upon account creation

1. Service Description

PyPI Watch is an information monitoring service that periodically fetches package metadata from the Python Package Index (PyPI) public API, compares the SHA256 hashes of published wheel (.whl) files against previously recorded baselines, and delivers change notifications to registered users via email and, where configured, Slack.

PyPI Watch is a supplementary monitoring tool, not a security product. It does not scan package contents, perform malware analysis, audit source code, or guarantee the integrity or safety of any Python package.

2. Disclaimer of Warranties

PyPI Watch is provided "as is" and "as available" without warranty of any kind, express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, accuracy, or non-infringement.

Specifically, PyPI Watch does not warrant that:

All hash changes will be detected (missed detections may occur due to polling intervals, API failures, or service outages).
Alerts are free from false positives; a hash change may reflect a legitimate re-upload by a package maintainer.
Use of this service will prevent supply-chain attacks, data breaches, or any security incident.
The information provided is complete, accurate, or current at the time of delivery.

You assume full responsibility for any decision made based on alerts or information provided by PyPI Watch.

3. Limitation of Liability

To the maximum extent permitted by applicable law, PyPI Watch and its operators shall not be liable for any damages arising from your use of, or inability to use, this service, including but not limited to:

Direct damages (e.g., costs of remediation, forensic investigation)
Indirect or consequential damages (e.g., lost profits, business interruption)
Incidental damages (e.g., costs incurred from acting on an incorrect alert)
Damages arising from detection failures, delayed alerts, or service downtime

This limitation applies regardless of the form of action, whether in contract, tort, strict liability, or otherwise, even if PyPI Watch has been advised of the possibility of such damages.

To the extent that any liability is found notwithstanding the above, PyPI Watch’s total cumulative liability to you for any claims arising out of or related to these Terms or the Service shall not exceed the greater of (a) the total fees paid by you to PyPI Watch in the three (3) months immediately preceding the event giving rise to the claim, or (b) USD $10.00.

4. Refund Policy

All payments are non-refundable. Once a billing cycle has been charged, no partial or full refund will be issued for unused time within that period.

New subscribers receive a 14-day free trial. No charge is made during the trial period. You may cancel at any time before the trial ends without incurring any cost. Cancellation takes effect at the end of the current billing cycle; monitoring continues until that date.

5. Service Availability

PyPI Watch is provided on a best-effort basis. No specific uptime, availability, or response-time SLA is guaranteed. Scheduled and unscheduled maintenance may occur without prior notice.

PyPI Watch relies on the PyPI public JSON API, which is operated by the Python Software Foundation and is outside our control. Outages, rate-limiting, or structural changes to the PyPI API may cause missed or delayed detections. PyPI Watch accepts no liability for detection failures caused by third-party API unavailability.

6. Acceptable Use

You agree not to use PyPI Watch to:

Circumvent, disable, or interfere with service security or access controls.
Attempt to scrape, bulk-export, or reverse-engineer service data or infrastructure.
Create accounts for automated abuse, spam, or denial-of-service purposes.

Each account is subject to a maximum number of monitored packages per plan as published on the pricing page. Exceeding the limit may result in monitoring being paused for additional packages until the account is upgraded.

7. Governing Law

These Terms of Service are governed by and construed in accordance with the laws of Japan, without regard to its conflict-of-law provisions. Any dispute arising under these terms shall be subject to the exclusive jurisdiction of the courts of Japan. We reserve the right to change the governing jurisdiction in a future revision of these terms with reasonable notice.

8. Changes to These Terms

We may update these Terms of Service at any time. Material changes will be communicated to registered users via email at least 14 days before taking effect. Continued use of the service after the effective date constitutes acceptance of the revised terms.

9. Contact

For questions regarding these terms, please contact us at support@pypiwatch.com.