User Data Requests users can submit information delete requests and information export requests through Both types are submitted in the form of support requests and are be executed by the administrators within 30 days.

The following user data is directly accessible through

  • Account related data such as email address, login account, profile picture, and email notification settings
  • Owned API Keys
  • List of owned packages

This data is not included in data exported through the support request.

Identifying customer data

Customer data can be identified as user account names.

Deleting customer data

To request deleting user data from

  1. The user must sign-in to
  2. The user must submit a request for their account to be deleted

Users that are sole owners of packages are encouraged to find new owners before asking to have their account deleted. If package ownership is not transferred, the NuGet package is unlisted and, as a result, it is no longer available in search queries in Visual Studio or on the website. Before deleting the account, the administrators work with the user to find new owners for the packages they own.

The account delete action is completed by the administrator within 30 days from the date of the request.

Upon account deletion, all of the user's data is be removed from the system and the following actions are taken:

  • The deleted account becomes unregistered with
  • All owned API Keys are deleted
  • All reserved namespaces are released
  • Any package ownership are removed

The owned packages are not deleted. Though unlisted from search results, they remain available through package restore to projects that depend on them.

Exporting customer data

After sign-in to, a user can submit an export request through

The data exported is made available for 48 hours to the user for download through an Azure Blob. After 48 hours, access expires and the user must submit a new export request as needed.

The exported data includes:

  • The user's support requests
  • The user's actions (publish package, create account) as persisted in the audit logs
  • Any user information as persisted in the IIS logs