Commit 8e50d43b authored by Eugene McCrann, committed by Kayla Golden

Confidentiality Levels Minor Fixes

parent 285a8559
+6 −6
@@ -40,9 +40,9 @@ The following items are internal:
1. Information that relies on someone else's copyrighted IP. Our [compensation calculator](/handbook/total-rewards/compensation/compensation-calculator/), for example, relies on private sources of information and can't be made completely public.
1. Information related to early exploratory initiatives in which premature sharing of information could slow down purchases.
1. When there is a product offering being developed that is expected to generate very high demand that cannot be quickly met, it should be kept internal in order to give the team the time to create the right solution.
1. Changes to GitLab.com free tier limits such as storage, data transfer, user limits or compute minutes are not public as they are similar to Pricing and Packaging as discussed below in limited access.
1. Changes to GitLab.com free tier limits such as storage, data transfer, user limits or compute minutes are not public, as they are similar to Pricing and Packaging as discussed below in limited access.
1. Specific details about our hiring processes such as our scoring rubrics & criteria are not public as we want to ensure candidates provide an accurate overview of their experience and do not falsify their responses to meet our criteria. [High-level interview plans are public and documented in each job family](/handbook/hiring/job-families/#job-family-template-1).
1. GitLab's [strategy](/handbook/company/strategy), [Yearlies](/handbook/company/yearlies/), and [OKRs](/handbook/company/okrs/) are internal-only. GitLab goal setting is intentional ambitious. External folks, without context, could make misinterpretations about the company's financial health and strategic plans, so sharing this information may have [an unintended and undesirable effects](/handbook/legal/safe-framework/#effect).
1. GitLab's [strategy](/handbook/company/strategy), [Yearlies](/handbook/company/yearlies/), and [OKRs](/handbook/company/okrs/) are internal-only. GitLab goal setting is intentionally ambitious. External folks, without context, could make misinterpretations about the company's financial health and strategic plans, so sharing this information may have [unintended and undesirable effects](/handbook/legal/safe-framework/#effect).
1. Discussion, designs, and code that are subject to the [Discovery phase](/handbook/legal/patent-program/#discussion-of-inventions-and-improvements-to-inventions) of a patent application. Prior to filing the application all product and protype development should take place outside of public repositories.

### Limited access
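Review bot: The unchanged patent item at the end of this hunk still reads "all product and protype development"; since this commit is a wording pass over the list, correct it to "prototype" here. The comma added before "as" in the free tier item is also not carried over to the hiring-process item directly below it ("are not public as we want to ensure candidates ..."), so two adjacent items now punctuate the same construction differently; add the comma there as well or leave both without it.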
@@ -51,15 +51,15 @@ The items below are not shared with all team members. Limited access is a more s

1. Deals with external parties like contracts and [approving and paying invoices](/handbook/finance/accounting/#procure-to-pay).
1. Content that would violate confidentiality for a GitLab team-member, customer, or user.
1. Customer information is generally not public due to confidentiality obligations and the use of such information by our competitors. If an issue needs to contain *any* specific information about a customer, including but not limited to company name, employee names, or number of users, then the issue should be made confidential. When we discuss a customer by name or describe a customer in terms that could make them identifiable, this should only occur in private projects or by linking to the SFDC account in an internal GitLab issue.
1. Customer information is generally not public due to confidentiality obligations and the problematic use of such information by our competitors. If an issue needs to contain *any* specific information about a customer, including but not limited to company name, employee names, or number of users, then the issue should be made confidential. When we discuss a customer by name or describe a customer in terms that could make them identifiable, this should only occur in private projects or by linking to the SFDC account in an internal GitLab issue.
1. Plans for reorganizations. Reorganizations may cause disruption and reorganization plans tend to change a lot before being finalized. We will keep relevant team members informed whenever possible.
1. Planned pricing changes. Much like reorganizations, plans around pricing changes are subject to modifications before being finalized. Thus, pricing changes are limited access while in development. Applicable team members will be consulted before any pricing changes are rolled out.
1. Certain discussions that relate to company policy or process changes. Some organizational policies are sensitive in nature and require thoughtful consideration before any communications are made. Relevant team members and leaders will be informed whenever possible.
1. Legal discussions are restricted to the purpose of Attorney-Client Privilege and some may be limited access instead of internal.
1. Some information is kept confidential by the People Group to protect the privacy, safety, and security of team members and applicants, including: job applications, background check reports, reference checks, compensation, terminations details, demographic information (age and date of birth, family or marital status, national identification such as passport details or tax ID, required accommodations), and home address. Whistleblower identity is likewise confidential. Performance improvement plans, disciplinary actions, as well as individual feedback are restricted as they may contain negative feedback and [negative feedback is 1-1](/handbook/values/#collaboration) between you and your manager. However, People Group policies and processes are public (for example, [Job families](/handbook/hiring/job-families/) and our [Compensation Calculator](/handbook/total-rewards/compensation/compensation-calculator/calculator/)), along with limited information that team members choose to share on the [Team](/handbook/company/team/) page.
1. Some information is kept confidential by the People Group to protect the privacy, safety, and security of team members and applicants, including: job applications, background check reports, reference checks, compensation, terminations details, demographic information (age and date of birth, family or marital status, national identification such as passport details or tax ID, required accommodations), and home address. Whistleblower identity is likewise confidential. Performance improvement plans, disciplinary actions, and individual feedback are restricted, as they may contain negative feedback and [negative feedback is 1-1](/handbook/values/#collaboration) between you and your manager. However, People Group policies and processes are public (for example, [Job families](/handbook/hiring/job-families/) and our [Compensation Calculator](/handbook/total-rewards/compensation/compensation-calculator/calculator/)), along with limited information that team members choose to share on the [Team](/handbook/company/team/) page.
1. Acquisition offers by or of GitLab.
1. Compensation Changes: GitLab will communicate and train team members on the output of iterations to the Total Rewards offerings (Compensation, Equity, Benefits), but team members will not have visibility into the inputs and decision making of compensation changes.
1. Security Incident Investigation: In order to avoid exposing team members to MNPI, the Security Incident Response Team (SIRT) will restrict access to only those necessary to assess the materiality of incidents. Once an incident is determined to not have MNPI the access can be changed to [internal](/handbook/communication/confidentiality-levels/#internal).
1. Security Incident Investigation: In order to avoid exposing team members to MNPI, the Security Incident Response Team (SIRT) will restrict access to only those necessary to assess the materiality of incidents. Once an incident is determined to not have MNPI the access may be changed to [internal](/handbook/communication/confidentiality-levels/#internal).

#### Project names
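Review bot: In the Security Incident Investigation item, changing "the access can be changed to internal" to "the access may be changed" is more than a minor fix: it turns a statement of what is possible into a discretionary one, without saying who decides or what triggers the change. If the intent is that SIRT reclassifies the incident once it is determined to not have MNPI, name the actor in the sentence, for example "SIRT may change the access to internal". In the same hunk, the edited People Group item still contains "terminations details" (should be "termination details"), and "the problematic use of such information by our competitors" reads awkwardly; wording such as "the risk of competitors using such information" states the reason more directly.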