This is a Controlled Document
Inline with GitLab's regulatory obligations, changes to controlled documents must be approved or merged by a code owner. All contributions are welcome and encouraged.
All of the policies listed below are important for GitLab team members to read and understand as they deal with people benefits, procedures, and requirements of the company. If you have any questions around the internal policies, please reach out to People Operations at people-connect@gitlab.com.
These policies apply to all GitLab team members, contractors, advisors, and contracted parties interacting with GitLab computing resources and accessing company or customer data.
| Role | Responsibility |
|---|---|
| GitLab Team Members | Responsible for following the requirements in these policies |
| PeopleOps | Responsible for implementing and executing these policies |
| Legal & PeopleOps Management (Code Owners) | Responsible for approving significant changes and exceptions to these policies |
We encourage maximum communication between team members at all levels of the organization. This is an important part of our culture. Whenever problems or concerns arise, it is expected that they will be addressed as quickly as possible. Your immediate manager is the person on the management team who is closest to you and your work. When you need help or have questions, complaints, problems or suggestions, please contact your manager first. It is your manager's responsibility to assist you - so please ask, and be willing to work the issue out with your manager. They are interested in your success, the success of every team member in their department, and the overall success of GitLab.
If your manager cannot help you or answer your questions, your questions will be referred to someone who can. If you feel your particular question, concern or suggestion cannot be discussed with your manager, you are encouraged to contact your manager's manager, your assigned People Business Partner, Team Member Relations, the Chief People Officer or the CEO. It is important to remember that a team member who takes these steps will not be reproached. You can expect to be treated fairly and with respect.
When attending Contribute or any conference, public meeting, customer meeting or meet-up, kindly keep in mind you are representing GitLab. Personal hygiene and hygiene in general helps to maintain good health and prevent the spread of diseases and various other illnesses. We motivate everyone to maintain cleanliness. For more information about our GitLab Events Code of Conduct, read more here.
We pride ourselves on being a company that operates with integrity, makes good choices, and does the right thing in every aspect of our business. We will continually challenge ourselves to define what being a responsible company means to us, and work to translate our definition into behavior and improvements at GitLab. We seek to align our social and environmental efforts with our business goals and continue to develop both qualitative and quantitative metrics to assess our progress.
GitLab strives to maintain a workplace that is free from illegal use, possession, sale, or distribution of alcohol or controlled substances. Legal or illegal substances shall not be used in a manner that impairs a person’s performance of assigned tasks. This will help to maintain the efficient and effective operation of the business, and to ensure customers receive the proper service. GitLab team members must also adhere to the local laws of where they reside and where they travel to, including the GitLab Contribute.
The World Health Organization (WHO) defines health as:
The WHO defines mental health as:
Defining the terms from the sentence above:
Why is awareness of Mental Health important at GitLab?
At GitLab we strive to create a stigma-free workplace. In accordance with the National Mental Health Association and the National Council for Behavioral Health we would like to:
What are we doing to get there?
Any questions or concerns? Please feel free to speak with anyone in People Ops.
GitLab respects the confidentiality of the personal information of employees and contractors. This includes employee and contractor medical and personnel records. All team member records are kept in BambooHR. Team members have self service access to their profile. Where available, documents and information are shared with the team member within the platform. Access to personal information is only authorized when there is a legitimate and lawful reason, and access is only granted to appropriate personnel. Requests for confidential employee or contractor information from anyone outside our company under any circumstances must be approved in accordance with applicable laws. It is important to remember, however, that employees and contractors should have no expectation of privacy with regard to normal workplace communication on any personal property used for GitLab business.
If a GitLab Inc or GitLab Federal LLC team member would like to view their personnel records, please review the US Access to Personnel Records section.
If there is no requirement within someone's job description to be public-facing, then team members can opt-out of any public exposure. Team members can opt-out of being added to the team page or what content about them is shown on the team page and can use either only their initials or an alias if desired. Since GitLab publishes much of our content, including video calls and meetings, the only way to ensure no unwanted exposure from these videos is to have video turned off and initials or an alias added to the Zoom profile name whenever a call is being recorded. Zoom shows whether a call is being recorded at the top right of the video screen, and team members are always encouraged to ask if a video will be shared or not. For any GitLab livestreams through YouTube, a team member can watch and comment through YouTube instead of through the internal video call. Any questions can be sent directly to our People Business Partners or CPO.
As stated in the Confidentiality and Corporate Assets and Corporate Opportunities section of the Code of Business Conduct and Ethics, team members are, on occasion, entrusted with GitLab confidential information and with the confidential information of GitLab suppliers, customers or other business partners. This information may include:
This information, if disclosed, might be of use to competitors, or harmful to GitLab's suppliers, customers or other business partners. This information is the property of GitLab, or the property of its suppliers, customers or business partners, and in many cases was developed at great expense. All team members, upon commencement of employment with GitLab, shall sign offer letters or contractor agreements that contain confidentiality provisions (the “Confidentiality Agreement”) provided by GitLab. Strict adherence to the Confidentiality Agreement is required of each team member.
Team members shall not take for themselves, or for family members or any other entities with which they are affiliated, any opportunity of which they become aware through the use of GitLab property or information, or through their position with GitLab, and shall not use GitLab property or information, or their position with GitLab, for personal gain other than actions taken for the overall advancement of the interests of GitLab.
Team members also have obligations to protect the personal and sensitive information of our fellow team members. Therefore, you may not access and/or disseminate any team member's personal information (i.e. address, personal phone number, salary, etc.) that the team member has not made publicly available, unless the team member has provided written permission to share this information. An exception to this restriction would be when access is a necessary function of your job duties. A violation of this obligation is considered severe and could result in disciplinary action, up to and including termination.
Exceptions to this procedure will be tracked as per the Information Security Policy Exception Management Process. For reference see the Parent Policy: Information Security Policy.
If you have been injured at work, at a co-working site, or traveling to a customer location please contact the Absence Management team (leaves@gitlab.com). The Absence Management team may provide you with paperwork to file your claim and explain your benefits.
GitLab is committed to a policy of employment and advancement based on qualifications and merit and does not discriminate in favor of or in opposition to the employment of significant others or family members. Due to the potential for perceived or actual conflicts, such as favoritism or personal conflicts from outside the work environment, which can be carried into the daily working relationship, GitLab will hire or consider other employment actions concerning significant others and/or family members of persons currently employed or contracted only if all points below are true:
This policy applies to all current employees and candidates for employment. In the spirit of our Transparency value, we ask the team member and the candidate to disclose the family relationship to the recruiter at the beginning of the hiring process. For purposes of this policy, a significant other or family member is any person who has a relation by blood, marriage, adoption, or domestic partnership within the third degree of our team member. If the candidate progresses through the process as a final candidate, and prior to any offer, the recruiter should notify the hiring manager and the People Business Partner of the family relationship to ensure there is not a conflict of interest. In addition, the GitLab team member should not be part of their family member's interview process. If there is a concern that either the team member or the candidate may progress to a position that would trigger one of the conditions above a waiver will be signed by both parties acknowledging that future work assignments, promotions, etc may be impacted by enforcement of this policy.
Please report any relationship with a significant other or family member to your People Business Partner, if you find yourself in a reporting relationship with the significant other or family member. Furthermore, if two team members who are in a reporting relationship become significant others or family members in the course of their employment, they should also report the relationship to the People Business Partner. Transfers, promotions, and future work assignments will be made in accordance with all applicable anti-discrimination laws and policies.
Preventing Unsafe Situations
While GitLab is 100% remote, there may be times when employees travel for work related functions or co-working events. GitLab is committed to the value of a safe, violence-free work environment and ensuring and exhibiting equal commitment to the safety and health of employees.
In general, please consider the following recommendations to ensure safety when traveling or coworking:
Measures GitLab Takes to Aid Employee Health and Safety
Responding to Unsafe Situations:
The following are GitLab’s procedures in the event an employee feels threatened or unsafe:
GitLab uses appropriate controls to ensure that its assets and its customer relationships and information are protected. To reduce these risks, GitLab will obtain and review background information of covered prospective, and, as applicable, current team members, as allowed by local law.
GitLab currently contracts with Sterling Talent Solutions to provide background screenings. For all candidates being considered for a position at GitLab, an employment history for the last 5 years and/or the three most recent employers will be verified in accordance with applicable local law (if applicable local law limits the review of employment history to fewer years and/or employers, then GitLab follows local law). In jurisdictions where criminal records may be reviewed, criminal records will be requested. Additional screenings may include, where applicable and in accordance with local law, a search of the Office of Foreign Assets Control Sanctions List or Extended Global Sanctions, and/or the U.S. Department of Health and Human Services Office of Inspector General's List of Excluded Individuals/Entities. For certain positions where the candidate's financial history is relevant to the position, GitLab may also run a screening for any financial related offenses. GitLab may use the returned background information to make decisions regarding employment, where allowed by local law. No background screening will be run until a conditional offer has been made, unless local law explicitly requires otherwise.
In the event the background screening is not available on the scheduled hire date due to delays in processing, GitLab will run the background screening as soon as possible. The same adjudication guidelines will apply to current employees as they do with prospective employees.
The Candidate Experience Specialists will initiate all employment verifications and background screenings for candidates. The People Compliance Partner will initiate any applicable retroactive background screenings or requested enhanced background screenings for current team members.
Candidates (and, as applicable, current team members) will receive an email to fill out the background screening application. The application will ask for personal and professional information. The application process includes signing a disclosure and a consent form which explains the rights of an individual undergoing a background screening. The application process is designed to take less than fifteen minutes to complete.
To prepare for the employment verification for those candidates being considered for Director level positions or higher, candidates should gather each previous employer's name and address, position title held, employment start and end dates, manager’s name and title, their phone number, and email address. Details for a Human Resources contact can be entered instead of a manager's contact details. Occasionally, and where permitted by law, Sterling will reach out to the candidate to retrieve additional information, such as backup documentation to act as proof of previous employment or picture IDs. Proof of employment can typically be provided in various ways, such as tax returns (e.g. W2s), pay stubs, LLC documentation, official company registrations, etc.
Background screenings will act as an additional mechanism of transparency and will help to build trust with our clients.
Reviews of the background screening are conducted in accordance with the applicable law of the candidate’s jurisdiction. Candidate Experience Specialists should first review the report for omissions, inaccuracies, or discrepancies with employment, including, but not limited to, dates of employment, employer names, or positions held. If the report includes discrepancies related to employment, the Candidate Experience Specialist will reach out to Team Member Relations to review the report. Team Member Relations may escalate the report, as necessary, to Legal - Employment. Employment decisions based on the employment verification portion of the background screening report shall be finalized before any review of the criminal records information takes place.
If criminal record information has been provided, then it will be adjudicated in accordance with applicable local law. Generally, and subject to local law, criminal records are reviewed to determine if criminal convictions have a direct connection with an applicant’s ability to fulfill the job duty with competence and integrity, and decisions are made that are job related and consistent with business necessity. Arrest records are not considered during the adjudication process, nor is any criminal conviction information that is prohibited from being reviewed by applicable local law.
When a team member is absent from work for three consecutive workdays, there is no entry on the availability calendar for time off, and fails to contact his or her supervisor, they may be terminated for job abandonment unless otherwise required by law.
If a manager is unable to reach a team member via email or slack within a 24 hour period they should contact their People Business Partner. The People Business partner will access the team member's information to obtain additional contact methods and numbers. The manager and People Business Partner will create an action plan to make all attempts to contact the team member.
GitLab understands there are extenuating circumstances that can occur. In the instance that a team member is absent from work for three consecutive workdays due to an emergency outside of the team members' control (I.E. internet outage in their country of residence), the recommendation is:
