Any time GitLab is bound to terms and conditions, and/or, required to:
Team Members must follow the applicable process to ensure all terms and obligations are reviewed and approved by specific stakeholders.
General examples include:
ALL AGREEMENTS TO BE EXECUTED MUST INCLUDE THE GITLAB LEGAL STAMP INDICATING IT HAS BEEN REVIEWED AND APPROVED BY THE APPLICABLE LEGAL TEAM MEMBERS PRIOR TO SIGNING BY AN AUTHORIZED GITLAB TEAM MEMBER PER THE AUTHORIZATION MATRIX. ANY REQUEST FOR SIGNATURE WITHOUT A LEGAL STAMP WILL BE REJECTED.
Any time a Team Member is requesting (or potentially requesting) to purchase any software, services, or any other offering(s) from a third party, the procurement process must be followed. For full details on the procurement process please see the Procurement Handbook.
As part of the procurement process, all purchases by GitLab will be reviewed by Finance, Security, IT & Legal.
ANY PURCHASE THAT DOES NOT FOLLOW THE PROCUREMENT PROCESS WILL BE SUBJECT TO REJECTION AND GITLAB WILL NOT RENDER PAYMENT.
With respect to any Customer or Partner Agreements, please follow the processes stated in the Sales Guide: Collaborating with GitLab Legal
Follow the process located at the NDA Handbook Page
If you have a request that doesn't align to those above, please feel free to contact #legal in Slack for guidance on which process to follow.
The table below designates team members that are authorized to sign legal documents, provided that the Agreement has been reviewed and approved by GitLab Legal as evidenced by the GitLab Legal Stamp. All Team Members with signatory authority should review the signature authorization matrix to ensure they have the applicable signing authority for the document they are being requested to sign.
Those with signatory authority should not sign any Agreement unless there is a GitLab Legal Stamp.
For general procedural guidelines, please see our Authorization Policy.
(All Functional Approvals require approval from previous tiers in hierarchy - Example: A CEO approval must also be approved by the exec team member prior to the CEO)
Changes or amendments to the authorization matrix is approved by the CEO and CFO. If authority to the CEO is changed then board approval is required.
This authorization matrix policy (“Policy”) is to provide procedural guidelines in support of GitLab Inc.’s (the “Company”) Authorization Matrix.
Separate legal authority is required in many instances to sign documents due to local laws and apply to corporate legal documents, contracts, contractual amendments, purchase orders, etc. The support for these signature approvals are contained in the corporate or similar documents and provides the delegated approval for appropriate corporate functions/individuals. Team members preparing documents that affect one of the Company’s subsidiaries must seek the Tax Team’s input prior to completing the action so as to meet the requirements of local law.
Exceptions to this Policy must be approved by the Chief Financial Officer (the “CFO”) and the Chief Legal Officer (the “CLO”) or the CFO’s or CLO’s delegate.
Primary Authorized Signatories
The Company’s Authorization Matrix (“Authorization Matrix”) outlines the functional and financial approvals required, and designates team members that are authorized to sign legal documents (“Authorized Signatories”). The Authorization Matrix is a significant part of the Company’s system of internal controls. The Company’s internal control structure is a result of a combination of organizational design policies, processes, financial and nonfinancial performance measurements, and a team member’s awareness of all of these factors.
The Authorization Matrix also specifies limitations on approval authority based on Authorized Signatories title or responsibilities in the Company and a maximum dollar amount for types of transactions.
The Authorization Matrix should be referenced when approving expenses, approving payments, legal contracts, bad debt write off, compensation/hiring-non executive, benefit changes, employee travel & entertainment, and transfer of funds among GitLab subsidiaries.
A team member is not authorized to approve transactions involving amounts in excess of the threshold established for their tier in the hierarchy (or any lesser threshold amount that may be specified in the applicable written Delegation Authority).
Under no circumstances shall any transaction be divided into two (2) or more increments and approved on an individual basis that could result in altering the required level of approval. If a project has multiple parts it should be considered one project and all expenses should be aggregated together. Additionally, if a contract or agreement was approved, (the “Original Transaction”) for a project, transaction or vendor, at a certain spend threshold and within 60 days of approval, another contract or agreement comes through for the same project, transaction or vendor (the “Subsequent Transaction”), the team member should add the total spend for the Original Transaction and the total spend for the Subsequent Transaction to determine the combined total spend. The combined total spend amount should be used to determine the approval threshold amount and the contracts/transaction should be resubmitted for additional approvals if needed.
If any project is expected to exceed the amount originally approved, then additional approvals must be obtained.
Spending is aligned with budget responsibility. Team members have the obligation, on an ongoing basis, to manage and monitor expenditures to ensure expenditures remain within approved annual plan amounts.
Role of Authorized Signatories
Authorized Signatories are authorized to approve, execute, acknowledge, and deliver, in the name and on behalf of the Company, any and all documents within the scope of their authority that they determine to be necessary or appropriate to carry out the transactions authorized thereby.
No person may sign any document on behalf of the Company unless such individual is an Authorized Signatory. Authority to sign includes physical signatures, electronic signatures, and clickthrough agreements that acknowledge the acceptance of an agreement to specified terms and conditions.
Delegation of Authority
When Authorized Signatories are temporarily unavailable due to vacation, illness, travel, or unforeseen events, their signature and approval authority needs to be delegated to ensure the efficient continuation of Company operations and business decisions.
For purposes of this Policy:
Delegation of authority not to exceed 90 days in duration is permitted. Written notice of delegation shall be provided by the delegating team member to the CFO, CLO, the Principal Accounting Officer (the “PAO”) and Director of Legal, Corporate in order for the delegation to be effective.
Authorized Signatories may delegate signature and approval authority to a Delegatee for approving expense and approving payment, subject to the following limitations and requirements:
The Delegator shall:
Delegatee selection criteria. Delegation may only be made to a Delegatee:
Delegation procedures. All delegations must:
Delegation limitations. All delegations:
Any individual who is in an acting or interim position shall have the right to exercise the signature and approval authority of such position.
**Revocation of Authority. **A delegation of authority may be revoked or modified at any time in writing by:
The revoking individual must immediately notify the CFO, CLO, PAO and Director of Legal, Corporate in writing of any such revocation via the Delegation Issue for such delegation.
Responsibilities of Authorized Signatory
Each Authorized Signatory (including Delegatees) is responsible for:
This Policy is not exhaustive. The Company expects all Authorized Signatories to exercise common sense and good judgment in carrying out the decision-making process, such as when deciding the precise consultation and approval route for a particular contract or other transaction. If any contract is of an unusual nature or outside the normal course of Company activities and practices, the Authorized Signatory should elevate such contract to a higher organizational level for review and decision, even if the contract is within the Authorized Signatory’s scope of authority. In cases of doubt, for example in regard to novel, potentially contentious, or higher risk matters, any decisions must be escalated to the CFO, irrespective of monetary value.
Compliance with Other Policies
Signature and approval authority does not override other safeguards in the contracting process. Any approval and execution of a contract must comply with all relevant policies, internal controls, and guidelines of the Company, including those procedures and forms specific to the nature of the activity.
Conflicts of Interest
All team members are responsible for ensuring that the Company does not enter into a contract or other transaction that presents a real or perceived conflict of interest. All team members shall comply with the Company’s Code of Business Conduct and Ethics Policy and Related Party Transactions Policy when reviewing, approving, or otherwise exercising their authority with respect to such contract or other transaction. If a real or perceived conflict of interest does arise, the issue must be resolved prior to entering into such contract or other transaction, as required by the Company’s Code of Business Conduct and Ethics Policy.