We are glad you are here! GitLab's Legal Team is small but mighty and entirely at your service.
We take employee concerns very seriously and encourage all GitLab Team Members to report any ethics and/or compliance violations by using Lighthouse. Futher details are found on the People Ops Handbook page.
For quick questions that do not require legal advice, deliverables, or any discussion of confidential information, you can reach out to the GitLab Legal Team at
#legal. We find this channel best for questions regarding process, who handles what or how to find certain things if the Handbook has not yielded the right result for you after searching.
#legal is not a private channel, so your inquiry will be visible to the entire company. One of our Team Members will do their best to answer your question in a timely fashion. If your request is sales or procurement related, involves legal advice, deliverables, or any discussion of confidential information, please follow the process set forth in the table below.
|Type of Request||Process / Information|
|Sales / Customer Related matters (which includes any matter that is, or could potentially be, revenue generating)||Sales Guide: Collaborating with GitLab Legal|
|Procurement / Vendor (which includes any matters related to a potential purchase by GitLab)||Procurement Page Procurement will engage legal as necessary
Visit the Procurement Guide: Collaborating with GitLab Legal for additional information
|Marketing||Visit the Marketing Guide: Collaborating with GitLab Legal, which covers amongst other things Contests and Sweepstakes and Media Consent and Model Release Requests
If the request is not addressed in the Marketing Guide, open a new General Legal Issue
|Engineering requests related to use of third-party software; Questions related to acceptable use of open source licenses||Open a Legal Issue and include applicable information related to the request
Visit Open Source at GitLab for helpful information including Acceptable Licenses
|*Any Non Engineering, Marketing, Sales or Procurement Request (Corporate, Marketing, Employment or Product & Privacy Questions)||Email: Legal_Internal@gitlab.com|
|NDA Request||Use the GitLab NDA send to recipient using electronic signature. See Signatory Matrix for who can sign on behalf of GitLab|
*To ensure the protection of confidential and privileged information, GitLab Legal is proud to use Service Desk for all general requests. For more information on Attorney-Client Privilege, see the General Legal FAQs below.
GitLab's Code of Business Conduct and Ethics summarizes the ethical standards for all directors, officers, team members and contractors of GitLab and of its direct and indirect subsidiaries and is a reminder of the seriousness of our commitment to our values. Please click here to read GitLab's Code of Business Conduct and Ethics in its entirety.
This discussion is limited to the practice of law in the U.S. As we continue to grow globally we will update this and expand how privilege applies in other jurisdictions.
Attorney-Client Privilege is a principle that provides protections for certain communications between clients and their attorneys that meet specific criteria.
First of all, the communications must be for the purpose of seeking legal guidance and advice. For this reason, the underlying facts may not be protected if they are available from another source. Opinions and analysis of the facts, and discussions thereof, with the attorney are protected.
Secondly, communications must be confidential. Information is also not protected if it is available from another source meaning that simply telling your attorney or copying your attorney on a communication does not protect the information.
Work Product is a U.S. doctrine in which an attorney’s notes, observations, thoughts, and research prepared by, or at the direction of, an attorney in anticipation of litigation are protected from being discoverable during the litigation process.
Attorney-Client and Work Product privileges allow clients to speak freely with their attorneys and encourage full disclosure so they can receive accurate and competent legal advice without the fear of having their attorney compelled to testify against them and disclose the information shared by the client.
There is not one uniform answer that covers all jurisdictions in the U.S. However, most jurisdictions will use at least one of the following tests to see if the individuals involved have privileged communication.
For more questions and answers about Attorney-Client Privilege in the corporate setting, search “AC Priv tests” in Drive.
A litigation hold is the process a company uses to preserve all forms of relevant evidence, whether it be emails, instant messages, physical documents, handwritten or typed notes, voicemails, raw data, backup tapes, and any other type of information that could be relevant to pending or imminent litigation or when litigation is reasonably anticipated. Litigation holds are imperative in preventing spoliation (destruction, deletion, or alteration) of evidence which can have a severely negative impact on the company's case, including leading to sanctions.
Once the company becomes aware of potential litigation, the company's attorney will provide notice to the impacted employees, instructing them not to delete or destroy any information relating to the subject matter of the litigation. The litigation hold applies to paper and electronic documents. During a litigation hold, all retention policies must be overridden.
The Foreign Corrupt Practices Act is a United States federal law that prohibits U.S. citizens and entities from bribing foreign government officials to benefit their business interests. It is not only an invaluable tool to help fight corruption but one to which we must be compliant. As GitLab Inc. is a U.S. incorporated entity, we need to make sure our operations worldwide are compliant with the provisions of the Foreign Corrupt Practices Act. To that end, GitLab requires Team Members to complete an annual online course relating to anti-bribery and corruption at GitLab. In the training, learners will explore improper payments, including facilitation payments and personal safety payments, as well as policies on commercial bribery.
The goal of the course is to ensure our Team Members understand what it takes to avoid corruption, especially in high-risk countries, and to ensure GitLab is compliant with legal and regulatory obligations.