GitLab has accomplished a number of milestones and Transparency has been essential to our success from the beginning. As GitLab has matured, we have evolved to viewing Transparency as both Internal Transparency and External Transparency; accordingly we want to continue to equip team members with the tools to enable responsible transparency in order to protect GitLab and our team members. To do so, there are certain factors we need to consider when we share information in the form of videos, blog posts, social media posts, interviews, presentations, epics, issues, merge requests or any other format. Accordingly, along the lines of our CREDIT values, the “SAFE” framework serves as a guide.
Also, consistent with our CREDIT values, this is a living framework and we will continue to iterate on this framework based on lessons learned in the course of GitLab’s evolution.
By contributing, team members will help GitLab continue to keep our CREDIT values front and center while making sure we continue to prioritize Transparency. If you have any questions, please ask them in the #safe slack channel. Please do keep in mind that if you do reach out via the #safe slack channel, you should not include any sensitive information in that message because that is an open public channel. Instead, wait for a response from someone on the legal team as the sensitive information can be shared with the legal team using a DM.
For all materials requiring legal review, refer to the Materials Legal Review Process.
The S in “SAFE” serves as a reminder to make sure that team members are not sharing information which could be considered Sensitive information without express approval from GitLab Legal. Things to consider before disclosing:
c) Material nonpublic information. Material nonpublic information is any information that is not publicly available and a reasonable investor would likely consider important in making an investment decision (i.e., to buy, sell, or hold the company’s stock). Examples of material nonpublic information may include:
The disclosure of sensitive or material nonpublic information may be harmful to team members or the company. If the content to be disclosed includes any of the above information, team members should seek the GitLab Legal’s review via the #safe slack channel. If in doubt, please inquire with the Senior Director of Legal, Corporate via the #safe slack channel before circulating this type of information externally.
The A in SAFE serves as a reminder to double-check that the information team members are sharing is Accurate. Things to consider before disclosing:
Team members have a responsibility to make sure that the information they are sharing is Accurate. Team members and third parties rely on the information presented and may incorporate the same information in works they may produce. Not only should team members make sure that the information is Accurate, but they should be able to provide the underlying data, if applicable, to support the accuracy or confirm the methodology used to achieve the data. Estimates should clearly be marked as estimates. Also, if the data is continually changing, team members should indicate an “as of” date when sharing so that everyone is aware of the date the shared data is accurate as of.
The F in SAFE serves as a reminder that the company’s Financial information is so important to protect that it requires Chief Financial Officer’s approval prior to sharing externally. Things to consider before disclosing:
Company financials, including guidance (the company's own best estimates to shareholders of its upcoming earnings), forecasts and estimates are and should be considered confidential nonpublic confidential information. Team members should also consider that information containing metrics or data can be used to figure a financial value of the company, and should therefore be considered confidential information. Examples of metrics or data that can be used to figure financial value include the number of customers in each offering tier, the contract amount of a large customer or expenses related to a category or type of third party services or vendors. Accordingly, financial information should not be disclosed publicly unless approved by GitLab’s Chief Financial Officer.
The E in SAFE serves as a reminder to be mindful about the Effect - intentional and unintentional - that the information team members are sharing may have on the company. Things to consider before disclosing:
When considering what information to disclose, team members should consider the pros and cons of the Effect the information will have on all parties inside and outside the company. Furthermore, team members should also consider that in some instances information intended to have one Effect may have a completely different, unintended Effect. When in doubt, talking it over with a colleague or reaching out via the #safe slack channel is always a good option.
Team members should also take into account each piece of information being shared as well as the information and documentation as a whole. The information you are sharing should not be viewed in a silo. Team members should examine what type of effect all the information taken together will have and how the audience may or may not interpret the information.
Any questions should be directed to Senior Director of Legal, Corporate via the #safe slack channel.
What should I do if I shared or I see GitLab information which has been shared that I think might be sensitive, inaccurate, financial, or might have an effect that is harmful to the company or helpful to investors?
We reinforce SAFE by:
:safe-tanuki:emoji to remind team members about the SAFE framework.