This page is intended to provide educational resources and process guides to GitLab Marketing for recurring Legal requests.
A trademark is a word, symbol, device, or any combination used to identify and distinguish one's goods or services from others. It is a form of Intellectual Property and it has value; so much value that using someone else’s trademarks improperly or failing to protect your own can cost companies large amounts of money.
There are important things to consider when settling on a name and ensuring we get the most value from our mark as possible.
Strength: The ideal trademarks are "fanciful" or "arbitrary." Fanciful is just a nice way of saying “made up”. This category includes marks like Kodak, Xerox, iPod, Lego, etc.; you know, those words that had absolutely no meaning before they were trademarked. Arbitrary just means that the name and the product are not generally found together or otherwise related. For instance, computers and apples generally don’t go together; therefore, Apple has a very strong mark.
Use: Unlike patents, in order to protect a trademark – you must use it. You can’t register it and then let it sit on the shelf until you decide what to do with it. It must be used AND it must be used in the manner with which you said you would use it. Misusing even a great trademark can make it so common that it can get difficult and expensive to protect.
Market: A trademark does not prevent everyone else from using that same word. For example, there is Delta Airline, Delta Dental and Delta faucets. The key distinction here is likelihood of confusion. If you see “Delta” on a plane – you know that it is the airline company. If you see “Delta” on a sink faucet, is there a real likelihood that you would expect frequent flier miles from it? Probably not. So two very different companies can use the same name because most people are smart enough to realize that these are very different companies.
While you can have the same word for different markets, you can’t have different words for similar markets if those different words are similar to a trademarked word (back to that likelihood of confusion standard).
Registration: Another thing to consider is if I should register the mark. In some common law countries (such as US, UK, South Africa, Australia, et al), those who use the mark first get protection. (These trademarks are denoted by a “TM”.) Admittedly, it can get difficult to determine when that first use occurred; so registration in common law countries helps to clear that date issue up. In any non-common law country, the first to file owns the mark. To set a date certain and own the mark, marks get registered. If a mark is registered, it gets an “®”. Whenever you use an R for a mark, you should also state where the mark is registered.
Cultural Significance: Last but not least, cultural sensitivity is critical. Any attempt to market globally and/or translate trademarks must be met with heightened attention.
Like with any conversation, it is critical to be aware of how your words are received in different cultures.
Note: Trademarks aren’t just words. As mentioned above, trademarks can be symbols, as well, and this catetgory is very broad. Take the following examples -
Marketing owns GitLab's Brand Guidelines.
For GitLab Team Members Only:
If we suspect that a third party is making unauthorized use of the term GitLab, or any other GitLab trademark, the process below should be followed:
Some examples of unauthorized use may be found in:
If you’re not a GitLab team member, please share any reports of suspected infringement with us at [email protected].
Any use of third-party trademarks should be covered by a Trademark Use Agreement. Various Marketing teams manage these agreements, requesting help from Legal team contract managers only when terms need to be negotiated. If you would like to use a 3rd party logo, please work with the appropriate Marketing team to ensure there is a trademark use agreement in place or to request such an agreement.
From time to time, GitLab sponsors promotional games. While these seem simple enough and may be an effective marketing tactic, there are quite a few factors for Legal to consider when planning such an event. Because of this, requests for Official Rules should be submitted at least 2 weeks prior to the date you need a decision.
If you are planning a promotional game, you will need legal approval for the proposed promotional game. Please use the Promotional Games Legal Template housed in the Marketing Ops repo.
The following explanations will help you fill out the template completely. This is essential, as all of the questions were developed based on legal requirements. Issues that do not answer all the questions will not be approved and the due date may be impacted.
Raffles. Please avoid using the term "raffle", as raffles are a type of lottery whereby the participants pay money to purchase a ticket for the opportunity to be entered into a drawing. Raffles are normally conducted for charitable purposes and differ from a traditional sweepstakes, where participants can enter without making a purchase and must be able to enter for free.
Hosting Country. Because laws vary based on locale, it is necessary for Legal to know as much as possible about where the promotional game will take place. (In the case of remote events, please tell us the intended audience. For example, it may be targeted to EMEA users/prospects. Legal will then review our internal guidelines to determine which country we will designate as the host country.)
Promotional Game Description. Various countries have certain requirements regarding what information must be communicated in the promotional game descriptions. While you may make small edits to your description throughout the process of developing your promotional game, it is important for Legal to know what communication to entrants will look like so we can ensure that it complies with local law. The game description should be clear regarding what steps the consumer needs to take and what they need to do in order to participate.
Use of Personal Data. You must articulate what you will do with personal data you collect through the promotional game so Legal can help you ensure that communication and/or consent is handled properly.
Questions. The questions you intend to use for a survey or quiz as part of a promotional game must be submitted for review. This is mainly for informational purposes so that Legal can understand more about the promotional game and what rules may apply. It is unlikely that we will "disallow" the questions, but we may have input for wording. The questions will also help us know what language to include in customized rules.
Prize Descriptions and Depictions. Please provide as much information as possible regarding the prize(s) that will be awarded including, for example, the number of prizes, size(s) available, color(s), technical specifications, etc. The rules must clearly describe the prize(s) so that the prize is not subject to interpretation or create confusion. The brand name of a prize can be used in the description. If an image of the actual prize will be used, it shouldn’t be so prominent that it looks like the prize manufacturer is sponsoring the promotion.
Prize Values. Local law often hinges on the value of the prizes, so it is necessary to know what prizes and how many prizes will be awarded prior to creating rules. Legal may request a change in prizes if the value amount is over a certain threshold and adds significant Legal requirements to the event. This will vary from country to country and sometimes from state to state. As a rule, prize values should not exceed US$599.00, to avoid U.S. tax form requirements, and the total value of all prizes in a promotion should not exceed US$4,999.00, to avoid registration and bonding requirements in certain U.S. states.
Awarding Prizes. The method and criteria for winning a prize must be detailed, as this will affect what the rules will include. For example, in a game of chance/sweepstakes, winners are selected through a random drawing. In a contest/game of skill, winners are selected through criteria on which they are judged.
Winner List. You must make a winner list available (public URL or via email request), as this is a requirement in nearly every jurisdiction. We take privacy seriously, so we will post first initials and last names where allowed by law.
Once your issue description is completely filled out, Legal will review all the details in light of the applicable laws and make recommendations to tailor the promotional game. Legal will also provide the Official Rules and the Abbreviated Rules. Depending on the locale, you may be required to obtain a translation of the rules to local languages. Legal does not provide this, so you will need to ensure that you have the ability to procure this through Marketing vendors. Some rules can be translated through automated services, but others may require human translation depending on the prize amounts and jurisdiction.
Any promotional game sponsored by GitLab must be accompanied by Official Rules. Once legal has drafted and provided these to you, you will need to create a new page under the GitLab Sweepstakes page and add a link to the list of Current promotional games. Once you have added the rules for your promotional game, link to these from the landing page of your entry form or promotion.
Abbreviated Rules, with a link to the full Official Rules, must be present wherever there's a mention of the promotion or prizes. Abbreviated Rules will be provided by legal.
Note: Remember to move your page from the
Current to the
Past lists once your promotional game is complete.
The ability to communicate and market to customers and prospects is an essential activity for GitLab. To do this, we must ensure the collection of personal information and the ability to contact is done in a manner compliant with applicable laws. It is also beneficial for GitLab to use consistent language across our sites and forms when obtaining consent to communicate with our customers. The Marketing Rule Book is intended to be a reference guide to (a) help understand the email and phones rules for a few select countries; and (b) provide the standard consent language to be used, depending on the scenario.
For requests related to the use of an individual's image or voice in print or digital media, for team members and non-team members, refer to the Publicity Waiver and Release Guidelines and Process.
Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM) came into effect in the United States in 2003 and impacts all mass electronic marketing communications. Other countries have similar e-mail spam laws.
CAN-SPAM sets forth certain requirements that must be honored when sending out mass emails and other marketing materials.
Keep the header honest. The reader needs to be able to identify who is sending them messages. The email address of the sender should properly denote GitLab as the sender of the company material.
Keep the subject line honest. Don’t mislead the reader or otherwise use deceitful or inaccurate subject lines to compel someone to open the email. Be honest, impactful and short. You can create urgency but, most importantly, create value. In fact, the more authentic and clear the email, the less likely it is to be marked as spam or junk mail.
Acknowledge that it is an ad. This doesn’t mean that you have to go over the top and begin each Subject Line with “Hello, I am an advertisement.” It just means that the sender has to know it is marketing material sent by GitLab. Put it in the subject line or put it in the body - just put it somewhere.
Include location There needs to be a valid business address listed in the emails. This helps ensure that the recipient has a clear and legal point of reference to double check the authenticity of the sender.
Opt-out options are not oppressive. When people receive mail that they don’t want, there must be an easy way to unsubscribe from the lists. And “easy” means my grandmother should be able to figure it out as quickly as my 15-year old nephew. In some jurisdictions, every email sent after an opt-out is selected may be subject to a fine.
Opt-outs need to be quick. Ideally, an opt-out will occur automatically or within a business day or two. If you take more than ten (10) business days to remove an email from a mailing list, things will get messy quickly.
Stay Diligent. If you use a third party to manage business emails, be aware that GitLab could still be on the hook for any wrongdoing. Make sure that any mass communications are reviewed by someone knowledgeable in the spam laws.
We care about our customers and their protection is our focus. For an additional incentive, be aware that failing to comply can cost a lot of money on a per email basis - up to $41,000 per violation.
Privacy and Electronic Communications Regulations (PECR) give people specific privacy rights in relation to electronic communications. PECR sets specific rules around marketing, secure communication services and customer privacy (as regards traffic and location data, itemised billing, line identification, directory listings) and cookies (which is broadly defined).
PECR expands the definition of cookies to include “similar technologies” like fingerprinting techniques. Therefore, unless an exemption applies, any use of device fingerprinting requires the provision of clear and comprehensive information as well as the consent of the user or subscriber.
Consent is not required if the cookie is used: “(a) for the sole purpose of carrying out the transmission of a communication over an electronic communications network; or (b) where such storage or access is strictly necessary for the provision of an information society service requested by the subscriber or user.”
Please note that cookies for analytics purposes are not “strictly necessary.”
PECR applies to any technology that stores or accesses information on the user’s device. This could include, for example, HTML5 local storage, Local Shared Objects and fingerprinting techniques.
Device fingerprinting is a technique that involves combining a set of information elements in order to uniquely identify a particular device. Examples of the information elements that device fingerprinting can single out, link, or infer include (but are not limited to):
It is also possible to combine these elements with other information, such as IP addresses or unique identifiers, etc.
PECR also applies to technologies like scripts, tracking pixels and plugins, wherever these are used.