Backblaze
Backblaze is a tool that might be deployed to backup data on your GitLab-owned device. It is not installed by default on company devices. Backblaze will only be installed if specifically requested by the Legal and People Ops teams for the purpose of a legal hold or investigation. The installation and use of Backblaze will be conducted in accordance with all applicable laws and regulations, including data protection and privacy laws. Deployment of Backblaze to a team member’s device will remove the current requirement for a departing team member on Legal Hold to send their laptop to a CorpSec team member for imaging before the laptop is wiped.
When Backblaze is installed on a device:
- CorpSec will only backup data that is relevant to the Legal Hold or Investigation.
- Personal data in the designated “Personal Folder” will not be backed up by Backblaze.
- Team Members will typically be notified before Backblaze is installed on their device.
- Data backed up by Backblaze will be stored securely and access will be strictly limited to authorized personnel involved in the legal hold or investigation.
- Once the legal hold or investigation is complete, all data backed up by Backblaze will be securely deleted in accordance with data retention policies and applicable laws.
If you have any questions or concerns about the use of Backblaze, please contact the Legal department via email at legal_internal@gitlab.com.
In jurisdictions where Team Members are allowed to use their Company-issued devices for personal use, we highly encourage Team Members to create a folder on their device titled “Personal Folder” or “personal-folder”. The Personal Folder must be stored as a sub-folder within the Desktop, Documents, or User folders of your laptop in order to be exempt from the creation of the image. You should store all personal files in this Personal Folder and CorpSec will exercise reasonable efforts to respect the privacy of this Personal Folder. However, we suggest you avoid storing any highly-sensitive personal files on your Company-issued device, and no company work product or job related documents should be stored in the Personal Folder.
Examples of valid personal folder locations
/Users/username/Desktop/Personal Folder
/Users/username/Documents/Personal Folder
/Users/username/Personal Folder
/Users/username/personal-folder
Any Personal Data collected during the creation of the image will be handled in strict compliance with the General Data Protection Regulation (GDPR) and other applicable data privacy laws. Personal Data will be processed based on legitimate interests, compliance with legal obligations, or your consent when necessary. Only the data necessary for the stated purposes will be collected and processed. All Personal Data will be secured against unauthorized access, loss, or destruction.
5c209835
)