Skip to content

Update Statement of Support for requests for user information on GitLab.com

Why is this change being made?

There's some ongoing discussion in https://gitlab.com/gitlab-com/legal-and-compliance/-/issues/179 on the level of support we'll offer when we receive specific requests for user information on GitLab.com.

One school of thought may assert that if an organization is paying for a user on GitLab.com, they should have the ability to assert oversight over the user. This MR asserts that we should only constrain the support we provide to the paid namespace that the request is coming from, since GitLab's user model doesn't currently tie a user to a namespace. Since a user can belong to multiple paid namespaces, it's not feasible to implicitly give authority to a 3rd party.

Author Checklist

  • Provided a concise title for the MR
  • Added a description to this MR explaining the reasons for the proposed change, per [say-why-not-just-what][transparency]
  • Assign this change to the correct DRI
    • If the DRI for the page/s being updated isn’t immediately clear, then assign it to your manager.
    • If your manager does not have merge rights, please ask someone to merge it AFTER it has been approved by your manager in [#mr-buddies][mr-buddies-slack].
    • If the changes relate to any part of the project other than updates to content and/or data files please make sure to ping @gl-static-site-editor in a comment for a review and merge. For example changes to .gitlab-ci.yml, JavaScript/CSS/Ruby code or the layout files.

Merge request reports