Gitlab hero border pattern left svg Gitlab hero border pattern right svg

The GitLab Legal Team

On this page

The GitLab Legal Team as your Trusted Partner and Advisor

You can reach out to the Legal Team on the #legal Slack chat channel. The legal Slack chat channel is reserved for everyday legal questions. If you are making a request that requires some sort of deliverable, please do not use the legal Slack chat channel. Slack is reserved for immediate, informal communications. Also, please do not share confidential information on Slack that is not meant for the entire company to see, and do not use it to seek legal advice. You can email the legal team at

The legal email is connected to the legal issue tracker via Service Desk, therefore, whenever an email is sent to the legal email it automatically creates an issue in the legal issue tracker. That being said, please DO NOT:

If you need to request legal services, there are three main processes, depending on your legal need.

1. Vendor Contracts

If you are seeking review of a vendor contract, your request must go through GitLab's Vendor Management process to make sure it has been reviewed by appropriate stakeholders and that the request receives all necessary approvals. This process involves Finance (for budgetary purposes), Security (when personal data is involved to ensure the vendor's systems and procedures meet our minimum standard), Business Operations, Legal (for contract review), and an approved Signer (for final approval and signing). For instructions on how to submit a new vendor contract for review, please see the Vendor and Contract Approval Workflow. Once the contract is completed it should be uploaded by the requestor into our contract management database tool ContractWorks.

3. Requests for Insurance Certificate

If you need an insurance certificate (other than for worker's compensation) you can send an email request directly to our insurance broker at ABD. You will need to include contact information for the customer seeking to be added to the certificate and any other specific requirements relating to the coverage. If you require an insurance certificate for worker's compensation email: with the same information.

4. Requests Relating to Any Kind of Intellectual Property (Patents, Copyrights, Trademarks, Etc.)

If you have any questions or requests relating to the intellectual property rights of GitLab or any third party, including (but not limited to):

send all requests to the Legal email address.

For all other requests that require a deliverable and are not appropriate for Slack, such as assistance with questionnaires or compliance questions, please use the private Legal Issue Tracker by submitting your request to the Legal email address. This will send your request to the Private Legal Issue Tracker using GitLab's Service Desk functionality. Through the legal issue tracker, you will not be able to access the issue itself, but instead will be updated regarding the status of your request through email. Please be sure to include sufficient detail regarding your request, including time-sensitive deadlines, relevant documents, and background information necessary to respond. Please note that ONLY the Executive Team and Sales Directors have access to the Legal Issue Tracker in order to maintain the confidentiality and privilege of any issues that may be discussed within the Legal Issue Tracker. For more information on Attorney-Client Privilege, see the General Topics and FAQs below.

Contract Templates

General Topics and FAQs

1. The Attorney-Client Relationship in the United States

This discussion is limited to U.S. practices because currently our team members only communicate with U.S. practicing attorneys. As we continue to grow globally we will update this and expand how privilege applies in other jurisdictions.

What is the Attorney-Client Privilege?

Attorney-Client Privilege is a law that has been adopted in each of the states of the U.S in some form. Generally, the law protects communications between clients and their attorneys for the purpose of seeking legal guidance and advice. The information is not protected if it is available from another source. Therefore, information cannot be placed under the protections of Attorney-Client privilege simply by telling your attorney or copying your attorney on a communication. In addition, the underlying facts are also not protected, only the opinions and analysis of the facts, and discussions thereof, with the attorney. The privilege belongs to the client, and therefore, can only be waived by the client.

What is Work Product?

Work Product is a U.S. doctrine in which an attorney’s notes, observations, thoughts, and research prepared by, or at the direction of an attorney, in anticipation of litigation, are protected from being discoverable during the litigation process.

What is the purpose of these Privileges?

The purpose of the Attorney-Client and Work Product privileges is to allow clients to speak freely with their attorneys and encourage full disclosure so they can receive accurate and competent legal advice without the fear of having their attorney compelled to testify against them and disclose the information shared by the client.

Who do these Privileges Apply to at GitLab?

There is not one uniform answer that covers all jurisdictions in the U.S.

A minority number of states apply the Corporate Group Test. This test is quite restrictive and only allows for the protection of corporate communications to the corporation's controlling executives and managers.

A more commonly used test is the Subject Matter Test. Instead of looking at the roles of the employees involved, this test looks at the subject matter of the employees’ communications. The test will look to see if the employee was instructed to discuss the subject matter with the attorney should be protected and if the subject matter of that communication relates to the performance by the employee of the duties of his or her employment.

A slightly modified version of the Subject Matter Test called the Upjohn Test is also widely used. Under the Upjohn Test the privilege is applied only if the following criteria are satisfied:

The Supreme Court case which established the Upjohn Test is also important because it resulted in the Upjohn Warning which is a procedure in which a company’s attorney explains that he or she does not represent the employee individually, but instead represents the interests of the company. This is important to note because a company can waive its privilege at any time, meaning the company could choose to disclose information the attorney received from a covered employee in confidence for use as evidence in a legal proceeding in order to protect the company from liability.

The Subject Matter Test and Upjohn Test are the most commonly used tests. More information about the tests can be found HERE

2. Litigation Holds

What is a Litigation Hold?

A litigation hold is the process a company uses to preserve all forms of relevant evidence, whether it be emails, instant messages, physical documents, handwritten or typed notes, voicemails, raw data, backup tapes, and any other type of information that could be relevant to pending or imminent litigation or when litigation is reasonably anticipated. Litigation holds are imperative in preventing spoliation (destruction, deletion, or alteration) of evidence which can have a severely negative impact on the company's case, including leading to sanctions.

Once the company becomes aware of potential litigation, the company's attorney will provide notice to the impacted employees, instructing them not to delete or destroy any information relating to the subject matter of the litigation. The litigation hold applies to paper and electronic documents. During a litigation hold, all retention policies must be overridden.

Important Pages Related to Legal