This guide for GitLab Product Managers clarifies and expands on the Regulation FD Training.
To make any edits to this page, please create a merge request and add a description of what you want to change and why. Add labels
product handbook. Add Product Operations DRI/Maintainer
@fseifoddini as Reviewer for collaboration and approval. If Product Operations is unavailable and the topic is time-sensitive, please add Maintainer
@gweaver for collaboration and approval.
Please note the content of this page needs to remain aligned with Legal team guidance so any changes must be approved by one of the Maintainers.
GitLab Legal has put together a comprehensive framework to help team members determine which information is internal only and that which can be shared publicly. Following the SAFE framework will help you comply with the requirements of Regulation Fair Disclosure.
Please reach out to Slack #SAFE with any questions that are still unclear after reviewing this page. When posting in #SAFE tag Product Operations, as that will help them maintain this page. We also encourage you to raise an MR to update the handbook as needed based on your findings.
The following applies to GitLab artifacts that have product and specific feature information. Please remember these artifacts should only contain information that is SAFE. Links to various disclaimers are available in the "helpful legal references" section on this page.
|Topic||Disclaimer||Legal Review Required (Y/N)||Other Considerations|
|3 year direction videos||Y||Y|
|Company wide kickoff video||Y||N|
|Group Kickoff videos||N||N|
|Product demos, walk-through videos||N||N|
|Meeting recordings (e.g. Team calls, PM Weekly, Retrospectives)||N||N|
|General product handbook pages||N||N|
|Topic||Legal Considerations||Legal Review Required (Y/N)|
|New product launches (e.g GL Dedicated)||Y||Y|
|References to revenue||Y||Y|
Product managers often need access to MNPI to do their job. As GitLab is now a publicly-traded company, it is important we all understand what MNPI is so we manage information/data appropriately. Here are some examples of MNPI:
The list of examples is not a comprehensive list of what could be considered material information. Determining what may be material information will depend upon the facts and circumstances in each particular situation.
Yes. Whether in epics, issues or handbook pages, PIs should be internal-only and follow the SAFE framework.
|Publicly discussing a group's MAU in an issue||Not SAFE||We should avoid publicly disclosing MAU numbers|
|Publicly discussing new/potential product performance indicators||SAFE||We can publicly discuss PIs as long as no actual data (numbers/values) is referenced or exposed|
If you need a review from Legal, please ping in the #SAFE channel in Slack.
See the table above. If you are recording a video that requires a disclaimer but are not using a slidedeck, you may alternatively verbalize the disclaimer at the beginning of the video to avoid extra post-production work.
None, so long as the instrumentation data does not contain sensitive, financial, or internal-only data.
Guidelines covering the use of third-aprty materials are being prepared and will be linked here when ready.
The Third-party Trademark Usage Guidelines cover the use of third-party trademarks in GitLab (the product), and set out the process for adding new third-party logos to GitLab.
This advice covers the use of third-party trademarks in the context of comparative advertising.
In general, keep the issues and videos public. For issues that are of possible interest to investors keep private until publicly disclosed. Don't make public videos that contain earnings and other material information prior to these details being publicly available. Private issues that might find their way to an investor, analyst, or investment institution, are more likely to be in violation.
$cashtags are commonly used to reference anything that is financially related to a company (example). There is nothing wrong with using this symbol to reference or link to any financial information that has already been disclosed and distributed in an authorized public channel. For example, linking to a company's annual or quarterly statements published on their public website.
If the information is not SAFE, do not link to it or share it publicly.
Referencing the SAFE handbook page is a great place to start. If you're still unsure, please reach out to Legal in #legal and someone will be glad to assist you.