Team Member Social Media Policy

Introduction

Social media is integral to how GitLab Inc. and its subsidiaries (collectively, “GitLab”, “we”, or “our” or “Company”) and GitLab team members communicate and engage with on social media. The Team Member Social Media Policy (“Policy”) provides guidelines for GitLab team members when participating in social media discussions about GitLab Inc. or work-related topics.

Team members are personally responsible for their social media presence. Their social media activity reflects on GitLab whether they’re on or off duty, using company or personal devices, or posting under their name or anonymously. Everything published online is public and permanent, even if later deleted or edited. When in doubt about posting something, pause and reflect. Your words represent both yourself and GitLab, so focus on constructive engagement rather than arguments.

GitLab may update this Policy as social media platforms and practices evolve. While changes can be made without prior notice, we commit to transparent communication about any updates and their effective dates.

Applicability

This Policy applies to all team members and members of our Board of Directors and is applicable in all regions regardless of regional social media customs and practices. In the event there is any conflict between this Policy and local laws and/or regulations for your region, the local laws and/or regulations prevail over this Policy and must be followed.

This Policy applies to social media activity that impacts GitLab regardless of:

• Whether the account is used for professional or personal purposes;
• Whether GitLab is mentioned in your profile;
• When the posts were made (during or outside of working hours); or,
• What device or platform was used.

While GitLab respects team members’ rights to personal expression on social media, the Company may need to take action if your personal social media activity, for example:

• Creates a hostile work environment;
• Significantly damages GitLab’s reputation;
• Reveals confidential information;
• Violates GitLab’s Business Code of Conduct and Ethics (“Code of Conduct”);
• Interferes with business relationships; or,
• Results in sustained or significant negative media attention.

In situations like these, GitLab may request the removal of specific content, require changes to profile information that associates the account with GitLab, or otherwise ask the team member to remediate the situation.

Designated company spokespersons have additional responsibilities and guidelines. If you hold this role, please consult your team-specific guidelines or contact the communications team for detailed guidance about your expanded social media responsibilities.

All Team members must review and acknowledge this Policy during onboarding and must acknowledge significant Policy updates, as needed. Team members are also expected to adhere to the Community Code of Conduct, Anti-Harassment Policy, and our Code of Business Conduct and Ethics when using social media and public online spaces, ensuring consistent professional behavior across all platforms.

Scope

Our definition of social media covers all forms of interactive online communication and extends to any current or future online technology that enables information sharing and interactive communication. Simply put: if you can post content or comment on others’ posts, it falls under this Policy. This Policy covers, for example:

Traditional Social Platforms

Established platforms like LinkedIn, X (Twitter), Facebook, and Instagram, along with content-sharing sites such as YouTube, as well as professional forums like HackerNews and Reddit.

Additional Digital Channels

Blogs, message boards, forums, and private messaging features within these platforms, including the GitLab Forum, private groups, and direct messaging functions like Twitter DMs or Instagram Direct Messages.

Exclusions

This Policy does not apply to anonymous workplace review platforms, such as Glassdoor, Fishbowl, or Indeed. GitLab respects team members’ right to share their authentic workplace experience, value transparency, and support honest reviews on those platforms. This maintains our commitment to constructive dialogue while preserving the ability to share authentic experiences.

Social Media sometimes generates press and media attention or legal questions.Please refer all inquiries to the Communications Team in the #external-comms Slack channel.

Best Practices: What You Should Do

DO disclose that you’re a team member

When discussing GitLab or your work at GitLab on social media, always disclose your employment status. This transparency can be achieved by:

• Including GitLab in your profile biography
• Listing GitLab as your employer
• Mentioning your team member status in relevant posts
• Using #LifeAtGitLab on GitLab-related content

This disclosure requirement applies specifically to posts about your professional responsibilities or GitLab-related matters.

DO Distinguish Personal Views from Company Positions

Remember, your social media posts reflect your personal views, only. Do not use social media to speak on GitLab’s behalf, unless you have completed communications training and are explicitly authorized. Comments about GitLab’s published financial results must be consistent with GitLab’s SAFE Framework and must be shared without personal commentary. Not sure if you should share? Ask in the #safe Slack channel.

DO protect yourself

Your online presence can reveal more personal information than you might realize. Before posting, consider:

• Your digital footprint affects your privacy and security. Take time to evaluate what information you’re comfortable sharing publicly. Common privacy protection practices include waiting to share location tags until after leaving a venue, encoding contact information to prevent automated collection, and being selective about sharing images of family members, especially minors. While these specific measures are optional, carefully consider the long-term implications of any personal information you share on social media platforms.

DO act responsibly and ethically

Represent yourself honestly in all social media interactions. Be truthful about your role and responsibilities at GitLab by accurately stating your position and team affiliation. Never claim titles or responsibilities you don’t hold, and be clear about your authority to speak on specific topics.

DO try to live our values

Our company values extend to all online interactions about or relating to GitLab. Demonstrate the same respect, professionalism, and courtesy to everyone on social media that you show to your team members. This includes engaging constructively with different viewpoints and maintaining civil discourse, even in challenging conversations.

DO share GitLab content using our team member advocacy platform

Our team member advocacy tool, EveryoneSocial, serves as your primary resource for regularly updated, SAFE content (links, images, copy) pre-approved for external sharing, relating to product updates, blog content, thought leadership, press mentions, videos, customer stories, and more.

Please ping #social-media-action on Slack if you have any questions about our team member advocacy platform or questions about content you would like to share.

Protecting GitLab: What to Avoid

It’s your job to protect GitLab, our customers, and our team members. Whether you’re an intern or our CEO, protecting the GitLab brand, the Company, and our entire team is a part of your job description.

DON’T speculate or add forward-looking statements

Forward-looking statements predict, project, or use future events as expectations or possibilities. team members must not speculate or add forward-looking statements to their opinions written on social media. Forward-looking statements could include statements on future financial growth projections, customer volume, subscription growth, and more. This would include forecasting, or when data is presented to argue for or against future trends. Not sure if it’s public? Ask in the #safe Slack channel or review the SAFE handbook page.

Some language indicators that you’re talking about forward-looking statements would be using one of the following words: “will,” “may,” “should,” “expects,” “intends,” “plans,” “aims,” “anticipates,” “believes,” “estimates,” “predicts,” “potential,” “looking to,” or “continue”.

DON’T share customer or team member personal information

Team Member Information: Respect colleagues’ privacy and obtain their explicit permission before sharing their personal information. Do not use social media to make comments about colleagues that are false, vulgar, threatening, or that would otherwise violate GitLab policies or local law.

Customer Information: Only share customer information from published case studies and approved marketing materials. For any other customer-related content, obtain prior approval from the customer advocacy reference team to protect both customer privacy and our professional relationships.

DON’T bash competitors

When discussing competitors or their products, maintain professional engagement by highlighting GitLab’s strengths rather than criticizing our competitors’ weaknesses. Avoid negative commentary or provocative responses to competitor posts.

Remember that constructive engagement builds our reputation as a thoughtful industry leader. Inflammatory comments, trolling, or deliberately antagonistic responses damage both your professional credibility and GitLab’s standing in the community.

DON’T share legal information

All legal matters, including cases, issues, or attorney interactions, require explicit approval from the Legal team before any social media mention. Contact the #legal Slack channel for guidance, but understand that public disclosure of legal matters is rarely approved.

DON’T Respond to Media Inquiries

Responding to journalists or news outlets without proper coordination can lead to inconsistent messaging, inaccuracies, or unauthorized disclosures. Our Communications Team is trained to appropriately handle media relations while protecting GitLab’s interests and maintaining our professional reputation. Please always refer all media inquiries to the Communications Team in the #external-comms Slack channel.

DON’T share confidential information

Never share confidential information about GitLab or individuals on social media, including but not limited to:

• Personal Confidential Information: Identifiable information that could enable identity theft, including Social Security numbers, financial accounts, driver’s licenses, and medical information (including family history).
• Company Confidential Information includes
  • non-public (i.e., GitLab Internal Only):
  • Financial data
  • Business performance metrics
  • Strategic plans
  • Brand strategies
  • Trade secrets
  • Internal documents

Before sharing work-related content, verify that the associated issue or document is not marked confidential. When in doubt, assume information is confidential or check with your manager.

DON’T use third-party materials (including images, videos, or text) without permission from the owner

Internet content (images, videos, text) is typically copyright protected, even when publicly posted. Always obtain permission before using others’ content in your posts. Alternatives when permission isn’t available:

• Link to the original content instead of copying it
• Use permissively-licensed resources like Unsplash for images
• Share GitLab-created assets, which are pre-approved for team use

When uncertain about usage rights, consult the #legal Slack channel for guidance.

DON’T create images with, or manipulate, third-party logos without the permission of the owner. Also, under no circumstances, create artwork using the GitLab logo without prior approval from the Brand team.

Company logos and service marks are registered trademarks requiring explicit permission before use. Never create or modify images containing third-party logos without owner consent.

You may freely share all content from GitLab’s official channels that contains third-party logos, as our marketing teams have secured necessary permissions for these materials. You can also reference companies or products by name when necessary for identification, provided you don’t imply endorsement or affiliation.

Feel free to share GitLab-created assets, even when they contain third-party logos, as these have been pre-approved for team use. If you’re uncertain about logo usage in any context, consult the #legal Slack channel for guidance.

DON’T use social media, blogs, or other digital channels for GitLab-related communications with other team members

While GitLab is a transparent company, we like to keep negative feedback 1:1. Team members should not discuss work-related situations in public forums. For all communications that can be public-facing, please use issues and epics and mark them as not confidential.

Connecting with team members on Social Media

Professional relationships with fellow GitLab team members should extend to social media interactions. When connecting with team members on social media, maintain the same standards of professionalism and respect that guide our workplace communication.

Follow GitLab’s Communication Guidelines and Anti-Harassment Policy to foster an inclusive and collaborative environment across all platforms.

Brand Representation Guidelines

Mimicking the GitLab Brand

Your social media presence should clearly distinguish you as a GitLab team member rather than the company itself. To prevent confusion:

• Do not use the GitLab logo as your profile picture
• Do not include GitLab in your @handle
• Do not add GitLab to your display name

Your profile should immediately identify you as an individual who works at GitLab, not as an official company account. The corporate marketing team actively monitors for brand impersonation and will report non-compliant profiles that fail to address concerns.

Unauthorized GitLab Brand Social Media Accounts

As a team member of GitLab, you are not authorized to create Company/brand social media profiles. If the GitLab corporate social media team encounters unauthorized profiles, they will be treated as external threats and reported for impersonation.

Contests or Sweepstakes on Your Social Media Profiles

As part of your role at GitLab, you may be responsible for a contest or a sweepstakes with social media elements. It’s important to follow legal guidelines. As a representative of GitLab, if you’re promoting the contest on your social media channels, it will need to follow the same rules as what the GitLab brand channels will need to follow. You can learn more about legal and contests in the handbook here.

Follow Website Terms of Use

Most social media websites/services have rules concerning the use of and activity conducted on their sites. These are sometimes referred to as “Terms of Use.” Team members must follow the established terms and conditions of use that have been established by the website, social media network, or channel and not do anything that would violate those rules.

Ramifications of not following the social media policy

If the Company finds any statements or claims that are false or misleading, or we discover an activity that does not follow this Policy, we will contact you to correct the situation. Team members who violate this Policy may be subject to disciplinary action, up to and including termination, subject to local law.

Location-specific social media policy details

United States

Confidential proprietary information does not include information lawfully acquired by non-management employees about wages, hours or other terms and conditions of employment, if used for purposes protected by Section 7 of the National Labor Relations Act such as joining or forming a union, engaging in collective bargaining, or engaging in other concerted activity for their mutual aid or protection.

GitLab will not enforce this Policy in a manner that would interfere with team members’ rights under the National Labor Relations Act to discuss the terms and conditions of employment.

United Kingdom

You may not use data obtained in the course of your employment with GitLab in any way which breaches the provisions of the Data Protection Act 1998.