Procurement Guide: Collaborating with GitLab Legal

Thank you for visiting! The purpose of this resource is to provide GitLab team members with information on how legal assists and interacts with the procurement of products and services at GitLab.

For information on the Procurement Team, policies and process, visit The Procurement Page.

For general questions that do not require legal advice, deliverables, or any discussion of confidential information, you can reach out to the GitLab Legal Team at #legal.

You don’t need to reach out to GitLab Legal directly. Instead, the GitLab Legal Team will be engaged directly by the Procurement Team, as applicable.

GitLab Legal will review any and all purchases made to ensure adequate terms are present for GitLab. Examples of types of purchases include:

  • Software Agreements;
  • Professional Services Agreements;
  • Sponsorship Agreements;
  • Event Contracts;
  • Subcontracting Agreements (staff augmentation or providing services/resources to GitLab and/or GitLab customers)

Signing Contracts

DO NOT SIGN ANY CONTRACTS

  • Only authorized individuals can execute contracts on behalf of GitLab. Please view the Signatory Matrix for who may sign.
  • In order to be executed, all Contracts must include the GitLab Legal stamp. This stamp confirms that the Contract has been reviewed and approved by a Legal Team Member. If you do not receive a GitLab Legal stamped version of the Contract, please ask the Procurement Team Member for assistance.

Vendor Requirements

Additional Requests & Information

NDA Request(s): NDA Process

Negotiating Terms and Conditions: Negotiating Terms

Use of competitors’ services: Guidelines (Internal only)

NDA Process

  • Prior to exchanging any confidential information, GitLab and a potential Vendor should execute a Mutual Non-Disclosure Agreement. This will ensure the adequate protection of any and all information shared.
  • Follow the Non-Disclosure Agreement process to send an NDA via DocuSign or request one if you do not have DocuSign access.
  • NOTE: If a potential vendor requires the use of their NDA template, please follow the process located on the Procurement Page which will initiate the legal review process.

Negotiating Terms

  • For any purchases made by GitLab, there must be applicable terms and conditions.
  • GitLab may use the Standard Terms and Conditions, which include terms related to purchasing software and/or professional services.
  • In the event a vendor is providing services which include accessing, processing or controlling GitLab data, the GitLab Legal team may require the vendor to provide the list of sub-processors relevant to the services provided to GitLab. In addition, based on the data made available to the vendor, a DPA may be required, which will be engaged by the Privacy team.
  • For information regarding purchase requests and negotiation thresholds, please visit the Procurement handbook.
  • Within the GitLab Procurement tool, the Legal Procurement team is an approval group called “Legal”.
  • When a req is submitted, a Legal Procurement Team Member will carry out the following actions:
    1. When the status is set to “Ready to Start” (by Procurement) it will be transitioned into the “Legal” queue;
    2. A Legal Team Member will be assigned to the request, and change the status to “In Progress”;
    3. Red-lines (if applicable) will be saved under the original version of the document(s) provided, in the Request;
    4. Legal Team Members will notify the requestor(s) (via chat) to highlight when red-lines are ready to be sent to the vendor;
    5. Once agreeable terms are achieved, the Legal Team Member will attach a clean PDF version (named “Executable” to start) with the GitLab Legal stamp of approval.
  • By completing the above steps, reqs are added to the applicable team member’s queue, which ensures the team is not carrying out duplicative work.
  • Contact the Legal Team Member by tagging them directly in the GitLab Procurement Tool. Note: Please do not contact team members in Slack unless an urgent matter arises.

Requesting a Certificate of Insurance

  • To request a COI, open an issue in the Legal and Compliance project using the general legal template. Be sure to apply the legal-procurement::to do label and tag @rnalen, @chilling32, and @ddowney in your request.
  • For requests related to a customer or partner, open a Legal Request in SFDC.

Helpful Resources

  • Many Vendors require basic information about GitLab to be set up as a Customer; visit Company Information for general information about each GitLab legal entity.
  • GitLab’s W9 can be found on the Finance Page.