GitLab has accomplished a number of milestones and Transparency has been essential to our success from the beginning. As GitLab matures, and we evolve to viewing Transparency as both Internal Transparency and External Transparency, we want to equip Team Members with the tools to enable responsible transparency in order to protect GitLab and our Team Members. To do so, there are certain factors we need to consider when we share information in the form of videos, blog posts, social media posts, interviews, presentations, epics, issues, merge requests or any other format. Accordingly, along the lines of our CREDIT values, we have created the “SAFE” framework to serve as a guide.
Also, consistent with our CREDIT values, this is a living framework and we will iterate on this framework based on lessons learned in the course of GitLab’s evolution.
By contributing, Team Members will help GitLab continue to keep our CREDIT values front and center while making sure we continue to prioritize Transparency. If you have any questions, please ask them in the #safe Slack channel.
For all materials requiring legal review, refer to the Materials Legal Review Process.
The S in “SAFE” serves as a reminder to make sure that Team Members are not sharing information which could be considered Sensitive information without express approval from GitLab Legal. Things to consider before disclosing:
What is considered Sensitive information?
a) Any company confidential information that is not public.
b) Any data that reveals information not generally known or not available externally may be considered sensitive information. Sensitive information includes:
c) Material nonpublic information. Material nonpublic information is any information that is not publicly available and a reasonable investor would likely consider important in making an investment decision (i.e., to buy, sell, or hold the company’s stock). Examples of material nonpublic information may include:
The disclosure of sensitive or material nonpublic information may be harmful to Team Members or the company. Team Members should seek the GitLab Legal’s review if the content of what they intend to disclose includes this type of information via the #safe Slack channel. If in doubt, please inquire with the Director of Legal, Corporate before circulating this type of information externally via the #safe Slack channel.
The A in SAFE serves as a reminder to double-check that the information Team Members are sharing is Accurate. Things to consider before disclosing:
Team Members have a responsibility to make sure that the information they are sharing is Accurate. Team Members and third parties rely on the information presented and may incorporate the same information in works they may produce. Not only should Team Members make sure that the information is Accurate, but they should be able to provide the underlying data, if applicable, to support the accuracy or confirm the methodology used to achieve the data. Estimates should clearly be marked as estimates. Also, if the data is continually changing, Team Members should indicate an “as of” date when sharing so that everyone is aware of the date the shared data is accurate as of.
The F in SAFE serves as a reminder that the company’s Financial information is so important to protect that it requires CFO’s approval prior to sharing externally. Things to consider before disclosing:
Company financials, including guidance (the company's own best estimates to shareholders of its upcoming earnings), forecasts and estimates are and should be considered confidential nonpublic confidential information. Team Members should also consider that information containing metrics or data can be used to figure a financial value of the company, and should therefore be considered confidential information. Examples of metrics or data that can be used to figure financial value include the number of customers in each offering tier, the contract amount of a large customer, the current 409a valuation for the company’s stock. Accordingly, financial information should not be disclosed publicly unless approved by GitLab’s Chief Financial Officer.
The E in SAFE serves as a reminder to be mindful about the Effect - intentional and unintentional - that the information Team Members are sharing may have on the company. Things to consider before disclosing:
When considering what information to disclose, Team Members should consider the pros and cons of the Effect the information will have on all parties inside and outside the company. Furthermore, Team Members should also consider that in some instances information intended to have one Effect may have a completely different, unintended Effect. When in doubt, talking it over with a colleague or reaching out via #safe is always a good option.
Team Members should also take into account each piece of information being shared as well as the information and documentation as a whole. The information you are sharing should not be viewed in a silo. Team Members should examine what type of effect all the information taken together will have.
Any questions should be directed to Director of Legal, Corporate via the #safe Slack channel.
What should I do if I shared or I see GitLab information which has been shared that I think might be sensitive, inaccurate, financial, or might have an effect that is harmful to the company or helpful to investors?
We reinforce SAFE by: