Document
As confidentially submitted to the Securities and Exchange Commission on July 16, 2021. This draft registration statement has not been publicly filed with the Securities and Exchange Commission and all information herein remains strictly confidential.
Registration No. 333-             
UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549
FORM S-1
REGISTRATION STATEMENT
UNDER
THE SECURITIES ACT OF 1933
GITLAB INC.
(Exact name of registrant as specified in its charter)
Delaware737247-1861035
(State or other jurisdiction of incorporation or organization)
(Primary Standard Industrial Classification Code Number)
(I.R.S. Employer Identification Number)
Address Not Applicable1(Address, including zip code, and telephone number, including area code, of registrant’s principal executive offices)
Sytse Sijbrandij
Chairman and Chief Executive Officer
GitLab Inc.
Address Not Applicable1
(Address, including zip code, and telephone number, including
area code, of registrant’s principal executive offices)
Corporation Service Company.
251 Little Falls Drive
Wilmington, DE 19808
(800) 927-9800
(Name, address, including zip code, and telephone number, including area code, of agent for service)
Copies to:
Cynthia Hess
Steven Levine
James Evans
Ran Ben-Tzur
Aman Singh
Ryan Mitteness
Fenwick & West LLP
801 California Street
Mountain View, California 94041
(650) 988-8500
Robin J. Schulman
Chief Legal Officer and Corporate Secretary
GitLab Inc.
Address Not Applicable
Marc D. Jaffe
Gregory P. Rodgers
Ian D. Schuman
Benjamin J. Cohen
Brittany D. Ruiz
Latham & Watkins LLP
1271 Avenue of the Americas
New York, New York 10020
(212) 906-1200
Approximate date of commencement of proposed sale to the public:
As soon as practicable after the effective date of this registration statement.
If any of the securities being registered on this Form are to be offered on a delayed or continuous basis pursuant to Rule 415 under the Securities Act of 1933, as amended, or Securities Act, check the following box: ☐
If this Form is filed to register additional securities for an offering pursuant to Rule 462(b) under the Securities Act, please check the following box and list the Securities Act registration statement number of the earlier effective registration statement for the same offering. ☐
If this Form is a post-effective amendment filed pursuant to Rule 462(c) under the Securities Act, check the following box and list the Securities Act registration statement number of the earlier effective registration statement for the same offering. ☐
If this Form is a post-effective amendment filed pursuant to Rule 462(d) under the Securities Act, check the following box and list the Securities Act registration statement number of the earlier effective registration statement for the same offering. ☐
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company,” and “emerging growth company” in Rule 12b-2 of the Securities Exchange Act of 1934, as amended.
Large accelerated filer ☐Accelerated filer ☐
Non-accelerated filer ☒Smaller reporting company ☐
Emerging growth company ☒
If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 7(a)(2)(B) of the Securities Act. ☐
CALCULATION OF REGISTRATION FEE
Title of Each Class of Securities to be Registered
Proposed Maximum
Aggregate Offering Price(1)(2)
Amount of
Registration fee(3)
Class A common stock, $0.0000025 par value per share$$
(1)Estimated solely for the purpose of calculating the amount of the registration fee in accordance with Rule 457(o) of the Securities Act.
(2)Includes the aggregate offering price of additional shares that the underwriters have the option to purchase, if any.
(3)To be paid in connection with the initial public filing of the registration statement.
The registrant hereby amends this registration statement on such date or dates as may be necessary to delay its effective date until the registrant shall file a further amendment which specifically states that this registration statement shall thereafter become effective in accordance with Section 8(a) of the Securities Act or until the registration statement shall become effective on such date as the Securities and Exchange Commission, acting pursuant to said Section 8(a), may determine.
1 We are a remote-only company. Accordingly, we do not maintain a headquarters.



Explanatory Note
Pursuant to the applicable provisions of the Fixing America’s Surface Transportation Act, we are omitting our financial statements as of and for the three months ended April 30, 2021 and 2020 because they relate to a historical period that we believe will not be required to be included in the prospectus at the time of the contemplated offering. We intend to amend the registration statement to include all financial information required by Regulation S-X at the date of such amendment before distributing a preliminary prospectus to investors.



The information in this preliminary prospectus is not complete and may be changed. We may not sell these securities until the registration statement filed with the Securities and Exchange Commission is effective. This preliminary prospectus is not an offer to sell these securities and we are not soliciting offers to buy these securities in any jurisdiction where the offer or sale is not permitted. 
Subject to Completion. Dated             , 2021.
            Shares
https://cdn.kscope.io/33c468a55f7bad23e274a693dae1d90d-logoa.jpg
GitLab Inc.
Class A Common Stock
This is an initial public offering of shares of Class A common stock of GitLab Inc. 
Prior to this offering, there has been no public market for our Class A common stock. It is currently estimated that the initial public offering price per share will be between $      and $     . We intend to list the Class A common stock on the           under the symbol “           .”
We have two classes of authorized common stock, Class A common stock and Class B common stock. The rights of the holders of Class A common stock and Class B common stock are identical, except with respect to voting and conversion rights. Each share of Class A common stock is entitled to one vote per share. Each share of Class B common stock is entitled to 10 votes per share and is convertible into one share of Class A common stock. Outstanding shares of Class B common stock will represent approximately          % of the voting power of our outstanding capital stock immediately following the completion of this offering, with our directors, executive officers, and beneficial owners of 5% or greater of our outstanding capital stock, and their respective affiliates, holding approximately           % of the voting power of our outstanding capital stock immediately following the completion of this offering, assuming no exercise of the underwriters’ option to purchase additional shares.
We intend to apply to list our Class A common stock on the          under the symbol “          .”
We are an “emerging growth company” as defined under the federal securities laws and, as such, we have elected to comply with certain reduced reporting requirements for this prospectus and may elect to do so in future filings. See “Prospectus Summary—Implications of Being an Emerging Growth Company.”
See "Risk Factors" on page 17 to read about factors you should consider before buying shares of our Class A common stock.
 Per Share
Total(1)
Initial public offering price$$
Underwriting discount$$
Proceeds, before expenses, to us$$
_____________
(1)See the section titled “Underwriting” for a description of the compensation payable to the underwriters.
We have granted the underwriters an option to purchase up to an additional          shares of our Class A common stock, at the initial public offering price less the underwriting discount.
The Securities and Exchange Commission and state securities regulators have not approved or disapproved these securities, or determined if this prospectus is truthful or complete. Any representation to the contrary is a criminal offense.
The underwriters expect to deliver the shares of Class A common stock to purchasers on                      , 2021.
Goldman Sachs & Co. LLC
Prospectus dated               , 2021



TABLE OF CONTENTS
PAGE
Through and including          , 2021 (the 25th day after the date of this prospectus), all dealers effecting transactions in these securities, whether or not participating in this offering, may be required to deliver a prospectus. This is in addition to a dealer’s obligation to deliver a prospectus when acting as an underwriter and with respect to an unsold allotment or subscription.
Neither we nor the underwriters have authorized anyone to provide any information or to make any representations other than those contained in this prospectus or in any free writing prospectuses prepared by or on behalf of us or to which we have referred you. Neither we nor the underwriters take any responsibility for, and can provide no assurance as to the reliability of, any other information that others may give you. We are offering to sell, and seeking offers to buy, shares of Class A common stock only in jurisdictions where offers and sales are permitted. The information contained in this prospectus is accurate only as of the date of this prospectus, regardless of the time of delivery of this prospectus or of any sale of the shares of Class A common stock. Our business, operating results, financial condition and prospects may have changed since the date of this prospectus.
For investors outside the United States: Neither we nor any of the underwriters have taken any action that would permit this offering or possession or distribution of this prospectus in any jurisdiction where action for that purpose is required, other than in the United States. You are required to inform yourselves about and to observe any restrictions relating to this offering and the distribution of this prospectus.
i


PROSPECTUS SUMMARY
The following summary highlights selected information that is presented in greater detail elsewhere in this prospectus. This summary does not contain all the information you should consider before investing in our Class A common stock. You should carefully read this prospectus in its entirety before investing in our Class A common stock, including the sections titled “Risk Factors,” “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” “Special Note Regarding Forward-Looking Statements,” and our consolidated financial statements and the accompanying notes included elsewhere in this prospectus. Our fiscal year end is January 31, and our fiscal quarters end on April 30, July 31, October 31, and January 31. Our fiscal years ended January 31, 2020 and 2021 are referred to herein as fiscal 2020 and fiscal 2021, respectively.
GITLAB INC.
Overview
We believe in an innovative world powered by software. To realize this vision, we pioneered The DevOps Platform, a fundamentally new approach to DevOps consisting of a single codebase and interface with a unified data model. The DevOps Platform allows everyone to contribute to build better software rapidly, efficiently, and securely.
Today, every industry, business, and function within a company is dependent on software. To remain competitive and survive, nearly all companies must digitally transform and become experts at building and delivering software.
GitLab is The DevOps Platform, a single application that brings together development, operations, IT, security, and business teams to deliver desired business outcomes. Having all teams on a single application with a single interface represents a step change in how organizations plan, build, secure, and deliver software.
The DevOps Platform accelerates our customers’ ability to create business value and innovate by reducing their software development cycle times from weeks to minutes. It removes the need for point tools and delivers enhanced operational efficiency by eliminating manual work, increasing productivity, and creating a culture of innovation and velocity. The DevOps Platform also embeds security earlier into the development process, improving our customers’ software security, quality, and overall compliance.
DevOps is the set of practices that combines software development (dev) and IT operations (ops). It aims to allow teams to collaborate and work together to shorten the development lifecycle and evolve from delivering software on a slow, periodic basis to rapid, continuous updates. When DevOps started, each team bought their own tools in isolation, leading to a “Siloed DevOps” environment. The next evolution was standardizing company-wide on the same tool for each stage across the DevOps lifecycle. However, these tools were not connected, leading to a “Fragmented DevOps” environment. Companies tried to remedy this fragmentation and inefficiency by manually integrating these DevOps point solutions together defining the next phase: “DIY DevOps.”
At the same time, the faster delivery of software required more DevOps tools per project. Increased adoption of a microservice architecture led to more projects. The combination caused an exponential increase in the number of tool-project integrations. This has often led to poor user experiences, higher costs, and increased time to deliver new software. As a result, business outcomes often failed and the potential for DevOps was never fully realized. In short, an entirely new platform for DevOps was needed. We pioneered The DevOps Platform to solve this problem.
The DevOps Platform replaces the DIY DevOps approach. It enables organizations to realize the full potential of DevOps and become software-led businesses. It spans all stages of the DevOps lifecycle, from project planning, or Plan, to source code management, or Create, to continuous integration, or Verify, to static and dynamic application security testing, or Secure, to packaging artifacts, or Package, to
1


continuous delivery and deployment, or Release, to configuring infrastructure for optimal deployment, or Configure, to monitoring it for incidents, or Monitor, to protecting the production deployment, or Protect, and managing the whole cycle with value stream analytics, or Manage. It also allows customers to manage and secure their applications across any cloud through a single platform.
The DevOps Platform has broad use across organizations. It helps product and business teams to work with developers to introduce new features and drive successful business outcomes. It helps Chief Technology Officers, or CTOs, modernize their DevOps environment and drive developer productivity. It helps Chief Information Officers, or CIOs, adopt microservices and cloud native development to improve the efficiency, scale, and performance of their software architecture. It helps Chief Information Security Officers, or CISOs, reduce security vulnerabilities and deliver software faster. It helps organizations attract and retain top talent by allowing people to focus more time on their job and less time managing tools.
The majority of our customers begin by using Create and Verify. Developers use Create to collaborate together on the same code base without conflicting or accidentally overwriting each other's changes. Create also maintains a running history of software contributions from each developer to allow for version control. Teams use Verify to ensure changes to code go through defined quality standards with automatic testing and reporting. We believe serving as this system of record for code and our high engagement with developers is a competitive advantage in realizing our single application vision as it creates interdependence and adoption across more stages of the DevOps lifecycle, such as Package, Secure, and Release. As more stages are addressed within a single application, the benefits of The DevOps Platform are enhanced.
We are committed to advancing The DevOps Platform. Our dual flywheel development strategy leverages both development spend from our research and development team members as well as community contributions via our open core business model. By leveraging the power of each, we create a virtuous cycle where more contributions lead to more features, which leads to more users, leading back to more contributions.
We emphasize iteration to drive rapid innovation in our development strategy. This iterative approach has enabled us to release a new version of our software on the 22nd day of every month for 115 months in a row as of April 30, 2021. This is also due in part to our over 2,400 contributors in our global, open source community as of April 30, 2021. GitLab team members also use The DevOps Platform to power our own DevOps lifecycle. By doing so, we benefit from the inherent advantages of using a single application. We leverage these learnings to establish a rapid feedback loop to continually and rapidly improve The DevOps Platform.
We have been a 100% remote workforce since inception and, as of April 30, 2021, had approximately 1,300 team members in over 65 countries. Operating remotely allows us access to a global talent pool that enables us to hire talented team members, regardless of location, providing a strong competitive advantage. We foster a culture of results built on our core values of collaboration, results, efficiency, diversity-inclusion-belonging, iteration, and transparency. We aim to be transparent to build alignment and affinity with our community and customers. This is exemplified through our corporate handbook, or the Handbook, our central repository that details how we run GitLab and is shared with the world. It consists of over 13,000 public pages of text, including our strategy and roadmap. We welcome everyone, both inside and outside of the company, to contribute to the Handbook.
We have an open core business model. We offer a free tier with a large number of features to encourage use of The DevOps Platform, solicit contributions, and serve as targeted lead generation for paid customers. We also offer two paid subscription tiers with access to additional features that are more relevant to managers, directors, and executives. Our subscription plans are available as a self-managed offering where customers typically download to run The DevOps Platform in their own account in the public cloud, and also a Software-as-a-Service, or SaaS, offering which is managed by GitLab and hosted in our account in the public cloud.
2


The DevOps Platform is used globally by organizations of all sizes across a broad range of industries. To reach, engage and help drive success at each, our sales force is amplified by our strategic hyperscaler partnerships, including Amazon Web Services, or AWS, who offer The DevOps Platform on their marketplaces. We also benefit from strategic alliance partnerships, which resell The DevOps Platform to large enterprise customers, and our strong channel partnerships ranging from large global systems integrators to regional digital transformation specialists, and volume resellers.
We employ a land-and-expand sales strategy. Our customer journey typically begins with developers and then expands to more teams and up to senior executive buyers. Our Dollar-Based Net Retention Rate was 148% for fiscal 2021. Our cohort of customers generating $5,000 or more in annual recurring revenue, or ARR, which we refer to as Base Customers, grew from 1,662 as of January 31, 2020 to 2,745 as of January 31, 2021.
Our business has experienced rapid growth. We generated revenue of $81.2 million and $152.2 million in fiscal 2020 and 2021, respectively, representing growth of 87.3%. During this period, we continued to invest in growing our business to capitalize on our market opportunity. Our net loss was $130.7 million and $192.2 million in fiscal 2020 and 2021, respectively. Our operating cash flow margin, which we define as operating cash flows as a percentage of revenue, was (74.1)% and (48.4)% for fiscal 2020 and 2021, respectively. Our gross profit was 88% for each of fiscal 2020 and 2021, respectively.
Industry Overview
Important industry and technology trends for our business include:
Digital transformation driven by internal software development is a corporate imperative today irrespective of industry. We are in the midst of a generational disruption whereby non-digital native companies are seeking to become software-led businesses.
Modern software development requires companies to embrace both DevOps and DevSecOps. DevOps aims to allow teams to collaborate and work together to shorten the development lifecycle and provide continuous delivery of high quality software. Increasingly, DevSecOps, which combines IT security practices into DevOps, is being adopted to embed security best practices earlier in the development process to enhance security while also maintaining velocity.
Faster time to market through cycle time compression is key to business success. Reducing the cycle times to deliver new software from months to weeks, hours, or minutes is critical to organizational objectives and maintaining industry competitiveness.
Companies are embracing microservices to enhance their speed and efficiency. Companies are modularizing applications into smaller components through microservices to release new features or amend existing features faster.
Companies are embracing cloud-first and multi-cloud strategies. Companies have embraced a cloud-first strategy to scale their DevOps initiatives, providing teams with faster, cheaper, and more flexible infrastructure that doesn’t require manual overhead.
Companies are consolidating point tools and adopting full platform services. To streamline efficiency organizations are consolidating point tools and adopting full platform services.
Best-in-class platforms are essential to hiring the right developers. It is a strategic priority for organizations to invest in hiring the best developer talent. In order to hire the best developers, it is essential to have a DevOps platform with good documentation, open transparency, and an engaging community.
3


Limitations of Alternative Approaches to DevOps
Existing approaches to DevOps suffer from some or all of the following limitations:
Built to only address certain stages of the DevOps lifecycle. The underlying architectures and codebases of point products were originally designed to address discrete parts of the DevOps lifecycle.
Slower software cycle release times. DIY DevOps products often have much slower software cycle release times that can be measured in weeks or months instead of minutes or hours.
Lower operational efficiency, adaptability and output. We believe DIY DevOps makes teams less productive as they spend more of their time managing integrations across their tools rather than building new software and products.
Higher direct and indirect costs. DIY DevOps results in managing relationships, licensing, and procurement across a number of vendors. This results in excess direct costs to the organization. Further, this approach creates indirect costs due to lost visibility and transparency resulting from numerous handoffs across stages.
High error rates and security vulnerabilities. DIY DevOps requires discrete tools across development, operations and security teams often leading to lower quality code with more security vulnerabilities.
Inability to embrace workload portability and a multi-cloud strategy. Platforms with features optimized to run more efficiently on certain clouds limit the ability for organizations to embrace a true multi-cloud strategy.
Inability to govern, automate, measure, and analyze leads to poor compliance. DIY DevOps creates a lack of ability to oversee the fulsome process and to analyze and automate the DevOps process as one cohesive unit.
Our Solution
The DevOps Platform consists of a single codebase and interface with a unified data model. It is purpose-built to address every stage of the DevOps lifecycle:
Manage. Helps organizations optimize and analyze the flow of work through the full DevOps value stream.
Plan. Helps teams collaboratively plan together in the same system, which enables faster and more efficient work in all other stages of The DevOps Platform.
Create. Helps teams design, develop and securely manage code and project data from a single distributed version control system to enable rapid iteration and delivery of business value.
Verify. Helps software teams fully embrace Continuous Integration, or CI, to automate the builds, integration and verification of their code.
Package. Enables teams to manage the necessary components of their applications and dependencies, manage containers, and build artifacts with ease.
Secure. Provides a host of up to date security testing environments to assure users deliver sage, secure, and compliant software. These environments include Static Application Security Testing, or SAST, Dynamic Application Security Testing, or DAST, Fuzz Testing, Container Scanning, and Dependency Scanning.
4


Release. Helps automate the release and delivery of applications, shortening the delivery lifecycle, streamlining manual processes, and accelerating team velocity.
Configure. Helps teams to configure and manage their application environments.
Monitor. Provides feedback in the form of errors, traces, metrics, logs, and alerts to help reduce the severity and frequency of incidents so that users can release software frequently with confidence.
Protect. Provides cloud native protections, including unified policy management, container scanning, and container network and host security.
Key Benefits Delivered to our Customers
The DevOps Platform accelerates our customers’ ability to create business value and innovate by reducing their software development cycle times from weeks to minutes. It removes the need for point tools and delivers enhanced operational efficiency by eliminating manual work, increasing productivity, and creating a culture of innovation and velocity. The DevOps Platform also embeds security earlier into the development process, improving our customers’ software security, quality, and overall compliance.
It enables customers to:
streamline workflows and processes, and enhance overall productivity and efficiency;
enhance their innovation and revenue growth due to faster time to market;
increase security by finding and correcting security vulnerabilities in software earlier or eliminating inefficiencies in the software development process altogether;
more easily log, track, and trace different steps across the DevOps lifecycle to better understand governance and improve their compliance posture;
attract world-class talent and boost team member morale, resulting in greater productivity by spending more time building, deploying, and securing software, and less time managing, integrating, and triaging across different tools;
reduce costs by enhancing productivity, consolidating point tools, and eliminating integrations; and
embrace the benefits of allowing our customers to have consistent compliance and value stream analytics while using multiple clouds.
Competitive Strengths
Our business benefits from the following competitive strengths:
The DevOps Platform helps our customers transform into software-led businesses;
The DevOps Platform is purpose-built to address every stage of the DevOps lifecycle as a single application, acting as a system of record for code and the key starting point from which all subsequent workflows in the DevOps lifecycle extend;
our dual flywheel development strategy leverages development spend and community contributions. It creates a virtuous cycle where more contributions leads to more features, which leads to more users, leading back to more contributions;
5


we emphasize iteration to drive rapid innovation in our development strategy. This has enabled us to release a new version of our software on the 22nd day of every month for 115 months in a row as of April 30, 2021;
our large open source installed base allows us to efficiently identify and obtain new paying customers;
The DevOps Platform maintains full feature parity and the same single application experience across any cloud environment;
we are agnostic as to who we serve, how we sell, and where we deploy; and
we are a pioneer and thought leader in all-remote work which enhances our brand with customers and team members.
Our Growth Strategy
We intend to continue making significant investments in sales and marketing, research and development, and our partner ecosystem to drive our growth. Key elements of our strategy include:
advance our feature maturity across more stages of the DevOps lifecycle;
drive growth by acquiring new customers;
drive increased expansion within our existing customer base;
further grow adoption of our SaaS offering;
grow and invest in our partner network; and
expand our global footprint.
Risk Factors Summary
Our business is subject to numerous risks and uncertainties, including those in the section titled “Risk Factors” immediately following this prospectus summary. These risks include the following:
Our business and operations have experienced rapid growth, and if we do not appropriately manage future growth, if any, or are unable to improve our systems, processes and controls, our business, financial condition, results of operations, and prospects will be adversely affected.
Our recent growth may not be indicative of our future growth, and we may not be able to sustain our revenue growth rate in the future. Our growth also makes it difficult to evaluate our future prospects and may increase the risk that we will not be successful.
We have a history of losses, anticipate increases in our operating expenses in the future, and may not achieve or sustain profitability on a consistent basis. If we cannot achieve and sustain profitability, our business, financial condition, and operating results may be adversely affected.
We face intense competition and could lose market share to our competitors, which would adversely affect our business, operating results, and financial condition.
The market for our services is new and unproven and may not grow, which would adversely affect our future results and the trading price of our common stock.
Our business depends on our customers purchasing and renewing subscriptions and purchasing additional subscriptions and services from us. Any decline in our customer renewals and expansions could harm our future operating results.
6


Transparency is one of our core values. While we will continue to prioritize transparency, we must also promote “responsible” transparency as transparency can have unintended consequences and detrimental impact on our business and competitive position.
We have a publicly available company Handbook that may not be up to date or accurate which at times may result in negative third party scrutiny or be used in ways that adversely affects our business.
Security and privacy breaches may hurt our business.
Customers may choose to stay on our open-source or free SaaS product offering instead of converting into a paying customer.
Our operating results may fluctuate significantly, which could make our future results difficult to predict and could adversely affect the trading price of our common stock.
We have a limited operating history which makes it difficult to evaluate our current business and future prospects and may increase the risks associated with your investment.
We have experienced rapid growth in recent periods. If we fail to manage our growth effectively, we may be unable to execute our business plan, maintain high levels of service or adequately address competitive challenges.
We may not be able to respond to rapid technological changes with new solutions, which could have a material adverse effect on our operating results.
We do not have an adequate history with our subscription or pricing models to accurately predict the long-term rate of customer subscription renewals or adoption, or the impact these renewals and adoption will have on our revenues or operating results.
We contract with our team members in various ways, including hiring directly, through professional employer organizations, or PEOs and as independent contractors. As a result of these methods of engagement, we face certain challenges and risks that can affect our business, operating results, and financial condition.
Channels for Disclosure of Information
Following the effectiveness of the registration statement of which this prospectus forms a part, we intend to announce material information to the public through filings with the Securities and Exchange Commission, or the SEC, the investor relations page on our website (www.about.gitlab.com), press releases, public conference calls, public webcasts, our Twitter account (@gitlab), our Facebook page, our LinkedIn page, our company news site (https://about.gitlab.com/press/) and our corporate blog (https://about.gitlab.com/blog/).
The information disclosed by the foregoing channels could be deemed to be material information. As such, we encourage investors, the media, and others to follow the channels listed above and to review the information disclosed through such channels.
Any updates to the list of disclosure channels through which we will announce information will be posted on the investor relations page on our website.
Corporate Information
We were incorporated in the State of Delaware as GitLab Inc. in September 2014. We are a remote-only company, meaning that all of our team members work remotely. Due to this, we do not currently have a principal executive office. Our website address is www.about.gitlab.com. The information contained on, or that can be accessed through, our website is not a part of this prospectus. Investors
7


should not rely on any such information in deciding whether to purchase our Class A common stock. Unless otherwise indicated, the terms “GitLab,” the “company,” “we,” “us,” and “our” refer to GitLab Inc. and our subsidiaries, and references to our “common stock” include our Class A common stock and Class B common stock.
GitLab, the GitLab logo, and other registered or common law trade names, trademarks, or service marks of GitLab appearing in this prospectus are the property of GitLab. This prospectus contains additional trade names, trademarks, and service marks of ours and of other companies. We do not intend our use or display of other companies’ trade names, trademarks, or service marks to imply a relationship with these other companies, or endorsement or sponsorship of us by these other companies. Other trademarks appearing in this prospectus are the property of their respective holders. Solely for convenience, our trademarks and trade names referred to in this prospectus appear without the ® and ™ symbols, but those references are not intended to indicate, in any way, that we will not assert, to the fullest extent under applicable law, our rights, or the right of the applicable licensor, to these trademarks and trade names.
Implications of Being an Emerging Growth Company
As a company with less than $1.07 billion in revenue during our most recently completed fiscal year, we qualify as an “emerging growth company” as defined in Section 2(a) of the Securities Act of 1933, as amended, or the Securities Act, as modified by the Jumpstart Our Business Startups Act of 2012, or the JOBS Act. As an emerging growth company, we may take advantage of specified reduced disclosure and other requirements that are otherwise applicable, in general, to public companies that are not emerging growth companies. These provisions include:
being permitted to present only two years of audited financial statements and only two years of related “Management’s Discussion and Analysis of Financial Condition and Results of Operations” disclosure in this prospectus;
an exemption from compliance with the auditor attestation requirement on the effectiveness of our internal control over financial reporting pursuant to the Sarbanes-Oxley Act of 2002, or the Sarbanes-Oxley Act;
an exemption from the requirement that critical audit matters be discussed in our independent auditor’s reports on our audited financial statements or any other requirements that may be adopted by the Public Company Accounting Oversight Board unless the SEC determines that the application of such requirements to emerging growth companies is in the public interest;
reduced disclosure about our executive compensation arrangements;
exemptions from the requirements to obtain a non-binding advisory vote on executive compensation or a stockholder approval of any golden parachute arrangements; and
extended transition periods for complying with new or revised accounting standards.
We will remain an emerging growth company until the earliest to occur of: (i) the last day of the fiscal year in which we have more than $1.07 billion in annual revenue; (ii) the date we qualify as a “large accelerated filer,” as defined in the rules under the Securities Exchange Act of 1934, as amended, or the Exchange Act, with at least $700 million of equity securities held by non-affiliates; (iii) the date on which we have issued, in any three-year period, more than $1.0 billion in non-convertible debt securities; and (iv) the last day of the fiscal year ending after the fifth anniversary of the completion of this offering.
We may take advantage of these exemptions until such time that we are no longer an emerging growth company. Accordingly, the information contained herein may be different than the information you receive from other public companies. Further, pursuant to Section 107 of the JOBS Act, as an emerging growth company, we have elected to take advantage of the extended transition period for complying with
8


new or revised accounting standards until those standards would otherwise apply to private companies. As a result, our operating results and financial statements may not be comparable to the operating results and financial statements of other companies who have adopted the new or revised accounting standards. It is possible that some investors will find our Class A common stock less attractive as a result, which may result in a less active trading market for our Class A common stock and higher volatility in our stock price.
9


THE OFFERING
Class A common stock offered by us          shares.
Underwriters’ option to purchase additional shares of Class A common stock          shares.
Class A common stock to be outstanding after this offering          shares (          shares if the underwriters exercise their option to purchase additional shares in full).
Class B common stock to be outstanding after this offering          shares.
Total Class A and Class B common stock to be outstanding after this offering          shares (          shares if the underwriters exercise their option to purchase additional shares in full).
Use of proceeds
We estimate that the net proceeds from the sale of shares of our Class A common stock in this offering will be approximately $        , or approximately $          if the underwriters’ option to purchase additional shares is exercised in full, based upon the assumed initial public offering price of $          per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, and after deducting estimated underwriting discounts and commissions and estimated offering expenses.
We primarily intend to use the net proceeds from this offering for working capital and other general corporate purposes. We may also use a portion of the proceeds for the acquisition of, or investment in, technologies, solutions, or businesses that complement our business. However, we do not have agreements or commitments for any acquisitions or investments outside the ordinary course of business at this time. See the section titled “Use of Proceeds” for additional information.
10


Voting rightsFollowing the completion of this offering, shares of our Class A common stock will be entitled to one vote per share. Shares of Class B common stock will be entitled to ten votes per share. Holders of our Class A common stock and Class B common stock will generally vote together as a single class, unless otherwise required by law or our restated certificate of incorporation. Following the completion of this offering, each share of our Class B common stock will be convertible into one share of our Class A common stock at any time and will convert automatically upon certain transfers and upon the earlier of (i) ten years from the date of this prospectus, (ii) the death or disability, as defined in our restated certificate of incorporation, of Sytse Sijbrandij, (iii) the first date following the completion of this offering on which the number of shares of outstanding Class B common stock (including shares of Class B common stock subject to outstanding stock options) is less than 5% of the aggregate number of shares of common stock then outstanding and (iv) the date specified by a vote of the holders of two-thirds of the then outstanding shares of Class B common stock. The holders of our outstanding Class B common stock will hold          % of the voting power of our outstanding capital stock following this offering, with our directors, executive officers, and beneficial owners of 5% or greater of our outstanding capital stock and their respective affiliates holding          % of the voting power in the aggregate. These stockholders will have the ability to control the outcome of matters submitted to our stockholders for approval, including the election of our directors and the approval of any change of control transaction. See the sections titled “Principal Stockholders” and “Description of Capital Stock” for additional information.
Risk factorsSee the section titled “Risk Factors” and other information included in this prospectus for a discussion of some of the factors you should consider before deciding to purchase shares of our Class A common stock.
Proposed trading symbol“          .”
The number of shares of our Class A common stock and Class B common stock that will be outstanding after this offering is based on          shares of our Class A common stock outstanding and          shares of our Class B common stock outstanding (after giving effect to the automatic conversion of all outstanding shares of convertible preferred stock into an aggregate of         shares of Class B common stock immediately prior to the completion of this offering), in each case, as of January 31, 2021, and excludes:
          shares of our Class B common stock issuable upon the exercise of options to purchase shares of our Class B common stock outstanding as of January 31, 2021 under our 2015 Equity Incentive Plan, or 2015 Plan, with a weighted-average exercise price of $          per share;
          shares of our Class B common stock issuable upon the exercise of options to purchase shares of our Class B common stock granted after January 31, 2021 under our 2015 Plan with a weighted-average exercise price of $          per share;
          shares of our Class B common stock subject to restricted stock units, or RSUs, granted after January 31, 2021 under our 2015 Plan;
          shares of our Class B common stock issuable upon the exercise of warrants to purchase shares of our Class B common stock outstanding as of January 31, 2021 with a weighted-average exercise price of $          per share; and
11


          shares of our common stock reserved for future issuance under our equity compensation plans, consisting of (i)          shares of our Class B common stock reserved for future issuance under our 2015 Plan as of January 31, 2021 (which number of shares is prior to the options to purchase shares of our Class B common stock granted after January 31, 2021), and (ii)         shares of our Class A common stock reserved for future issuance under our 2021 Equity Incentive Plan, or the 2021 Plan, which will become effective on the date immediately prior to the date of this prospectus.
On the date of this prospectus, any remaining shares of Class B common stock available for issuance under our 2015 Plan will be added to the shares of our Class A common stock reserved for issuance under our 2021 Plan, and we will cease granting awards under the 2015 Plan. Our 2021 Plan also provides for automatic annual increases in the number of shares reserved thereunder. For additional information, see the section titled “Executive Compensation—Team Member Benefit and Stock Plans.”
Unless otherwise noted, the information in this prospectus reflects and assumes the following:
the automatic conversion of an aggregate of          shares of our convertible preferred stock outstanding as of January 31, 2021 into the same number of shares of Class B common stock upon completion of this offering, or, collectively, the Capital Stock Conversion;
the filing and effectiveness of our restated certificate of incorporation and the effectiveness of our restated bylaws, each of which will occur immediately prior to the completion of this offering;
no exercise of outstanding stock options or warrants subsequent to January 31, 2021; and
no exercise by the underwriters of their option to purchase additional shares of our Class A common stock in this offering.
12


SUMMARY CONSOLIDATED FINANCIAL AND OTHER DATA
The following tables summarize our consolidated financial and other data. We derived our summary consolidated statements of operations data for the fiscal years ended January 31, 2020 and 2021 (except for pro forma basic and diluted net loss per share attributable to common stockholders and weighted-average shares used in computing pro forma basic and diluted net loss per share attributable to common stockholders) and our summary consolidated balance sheet data as of January 31, 2021 from our audited consolidated financial statements included elsewhere in this prospectus. Our historical results are not necessarily indicative of the results to be expected in the future. You should read the following summary consolidated financial and other data in conjunction with the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” and our consolidated financial statements, the accompanying notes, and other financial information included elsewhere in this prospectus. Our historical results are not necessarily indicative of our future results. Our fiscal year end is January 31, and our fiscal quarters end on April 30, July 31, October 31, and January 31.
Consolidated Statements of Operations Data
Fiscal Year Ended January 31,
20202021
Revenue:
Subscription—self-managed and SaaS$70,367 $132,763 
License—self-managed and other10,860 19,413 
Total revenue81,227 152,176 
Cost of revenue(1):
Subscription—self-managed and SaaS6,467 14,453 
License—self-managed and other2,909 4,010 
Total cost of revenue9,376 18,463 
Gross profit71,851 133,713 
Operating expenses:
Sales and marketing(1)
99,225 154,086 
Research and development(1)
59,364 106,643 
General and administrative(1)
41,629 86,868 
Total operating expenses200,218 347,597 
Loss from operations(128,367)(213,884)
Interest income3,626 1,070 
Other income (expense), net(4,800)23,452 
Net loss before provision for income taxes(129,541)(189,362)
Provision for income taxes(1,200)(2,832)
Net loss$(130,741)$(192,194)
Net loss per share attributable to Class A and Class B common stockholders, basic and diluted(2)
$(2.76)$(3.82)
Weighted-average shares used to compute net loss per share attributable to Class A and Class B common stockholders, basic and diluted47,308 50,343 
Pro forma net loss per share attributable to Class A and Class B common stockholders, basic and diluted (unaudited)(3)
$(1.48)
Weighted-average shares used to compute pro forma net loss per share attributable to Class A and Class B common stockholders, basic and diluted (unaudited)129,894 
13


______________
(1)Includes stock-based compensation expense as follows:
Year Ended January 31,
20202021
(in thousands)
Cost of revenue$365 $1,185 
Research and development11,315 31,519 
Sales and marketing4,699 21,504 
General and administrative24,493 57,638 
Total stock-based compensation expense$40,872 $111,846 
Stock-based compensation expense for fiscal 2020 and 2021 includes $32.7 million and $103.8 million, respectively, of compensation expense related to secondary stock sales described in Note 15 to our consolidated financial statements included elsewhere in this prospectus.
(2)See Notes 2 and 14 to our consolidated financial statements included elsewhere in this prospectus for an explanation of the calculation of our basic and diluted net loss per share attributable to common stockholders.
(3)Basic and diluted pro forma net loss per share attributable to common stockholders for fiscal 2021 gives effect to the Capital Stock Conversion as though the conversion had occurred as of the beginning of the period or the original date of issuance, if later.
Unaudited Pro Forma Net Loss Per Share
The following table sets forth the calculation of unaudited pro forma basic and diluted net loss per share (in thousands, except per share data):
Year Ended January 31, 2021
Numerator:
Net loss attributable to Class A and Class B common stockholders$(192,194)
Denominator:
Weighted average shares used in computing net loss per share attributable to Class A and Class B common stockholders, basic and diluted50,343 
Weighted-average of convertible preferred shares upon assumed conversion in IPO79,551 
Weighted-average shares used in computing pro forma net loss per share, basic and diluted129,894 
Pro forma net loss per share attributable to Class A and Class B common stockholders, basic and diluted
$(1.48)
14


Consolidated Balance Sheet Data
As of January 31, 2021
Actual
Pro Forma(1)
Pro Forma
As Adjusted(2)(3)
(in thousands)
Cash and cash equivalents$282,850 $$
Working capital(4)
221,312 
Total assets362,566 
Convertible preferred stock424,904 
Additional paid-in capital186,892 
Accumulated deficit(398,199)
Total stockholders’ (deficit) equity(231,222)
______________
(1)The pro forma column above reflects (i) the Capital Stock Conversion, as if such conversion had occurred on January 31, 2021 and (ii) the filing and effectiveness of our restated certificate of incorporation that will become effective immediately prior to the completion of this offering.
(2)The pro forma as adjusted column above gives effect to (i) the pro forma adjustments set forth above and (ii) the sale and issuance by us of              shares of our Class A common stock in this offering, based upon the assumed initial public offering price of $       per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, and after deducting estimated underwriting discounts and commissions and estimated offering expenses.
(3)Each $1.00 increase or decrease in the assumed initial public offering price of $          per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, would increase or decrease the amount of our pro forma as adjusted cash and cash equivalents, working capital, total assets, additional paid-in capital, and total stockholders’ (deficit) equity by $          million, assuming that the number of shares of our Class A common stock offered, as set forth on the cover page of this prospectus, remains the same, after deducting estimated underwriting discounts and commissions. An increase or decrease of 1.0 million shares in the number of shares offered by us would increase or decrease, as applicable, the amount of our pro forma as adjusted cash and cash equivalents, working capital, total assets, additional paid-in capital, and total stockholders’ (deficit) equity by $          million, assuming the assumed initial public offering price remains the same, and after deducting estimated underwriting discounts and commissions.
(4)Working capital is defined as current assets less current liabilities.
Key Business Metrics and Non-GAAP Financial Measures
We review a number of operating and financial metrics, including the following key metrics and non-GAAP financial measures to evaluate our business, measure our performance, identify trends affecting our business, formulate business plans, and make strategic decisions. See the sections titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Key Business Metrics” for additional information regarding our key business metrics and “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Non-GAAP Financial Measures” for additional information.
As of or For the Year Ended
January 31,
20202021
Dollar-Based Net Retention Rate179 %148 %
$100,000 ARR Customers173 283 
15


Year Ended January 31,
20202021
(in thousands)
GAAP gross profit$71,851 $133,713 
Add: stock-based compensation expense365 1,185 
Non-GAAP gross profit$72,216 $134,898 
GAAP operating loss$(128,367)$(213,884)
Add: amortization of intangible assets— 222 
Add: stock-based compensation expense40,507 110,661 
Non-GAAP operating loss$(87,860)$(103,001)
16


RISK FACTORS
Investing in our Class A common stock involves a high degree of risk. You should carefully consider the risks and uncertainties described below, together with all of the other information in this prospectus, including the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” and our consolidated financial statements and the accompanying notes included elsewhere in this prospectus before making a decision to invest in our Class A common stock. Our business, financial condition, operating results, or prospects could also be adversely affected by risks and uncertainties that are not presently known to us or that we currently believe are not material. If any of the risks actually occur, our business, financial condition, operating results, and prospects could be adversely affected. In that event, the market price of our Class A common stock could decline, and you could lose all or part of your investment.
Risks Related to Our Business and Financial Position
Our business and operations have experienced rapid growth, and if we do not appropriately manage future growth, if any, or are unable to improve our systems, processes and controls, our business, financial condition, results of operations, and prospects will be adversely affected.
We have experienced rapid growth and increased demand for our products. Our total number of Base Customers has grown from 1,662 as of January 31, 2020 to 2,745 as of January 31, 2021. Our team member headcount has also increased significantly, and we expect to continue to grow our headcount over the next year. The growth and expansion of our business places a continuous significant strain on our management, operational, and financial resources. In addition, as customers adopt our products for an increasing number of use cases, we have had to support more complex commercial relationships. We must continue to improve and expand our information technology and financial infrastructure, our security and compliance requirements, our operating and administrative systems, our relationships with various partners and other third parties, and our ability to manage headcount and processes in an efficient manner to manage our growth effectively.
We may not be able to sustain the pace of improvements to our products successfully or implement systems, processes, and controls in an efficient or timely manner or in a manner that does not negatively affect our results of operations. Our failure to improve our systems, processes, and controls, or their failure to operate in the intended manner, may result in our inability to manage the growth of our business and to forecast our revenue, expenses, and earnings accurately, or to prevent losses.
Our recent growth may not be indicative of our future growth, and we may not be able to sustain our revenue growth rate in the future. Our growth also makes it difficult to evaluate our future prospects and may increase the risk that we will not be successful.
Our total revenues for fiscal 2020 and 2021 were $81.2 million and $152.2 million, respectively, representing a growth rate of 87.3%. You should not rely on the revenue growth of any prior quarter or annual period as an indication of our future performance. As a result of our limited operating history, our ability to accurately forecast our future results of operations is limited and subject to a number of uncertainties, including our ability to plan for and model future growth. Our historical revenue growth should not be considered indicative of our future performance.
Further, in future periods, our revenue could decline or our revenue growth rate could slow. Many factors may contribute to this decline, including changes to technology, increased competition, slowing demand for The DevOps Platform, the maturation of our business, a failure by us to continue capitalizing on growth opportunities, our failure, for any reason, to continue to take advantage of growth opportunities and a global economic downturn, among others. If our growth rate declines, investors’ perceptions of our business and the market price of our Class A common stock could be adversely affected.
17


In addition, we expect to continue to expend substantial financial and other resources on:
expansion and enablement of our sales, services, and marketing organization to increase brand awareness and drive adoption of The DevOps Platform;
product development, including investments in our product development team and the development of new features and functionality for The DevOps Platform;
technology and sales channel partnerships;
international expansion;
acquisitions or strategic investments; and
general administration, including increased legal and accounting expenses associated with being a public company.
These investments may not result in increased revenue in our business. If we are unable to maintain or increase our revenue at a rate sufficient to offset the expected increase in our costs, our business, financial position and results of operations will be harmed, and we may not be able to achieve or maintain profitability.
Our ability to forecast our future results of operations is subject to a number of uncertainties, including our ability to effectively plan for and model future growth. We have encountered in the past, and may encounter in the future, risks and uncertainties frequently experienced by growing companies in rapidly changing industries. If we fail to achieve the necessary level of efficiency in our organization as it grows, or if we are not able to accurately forecast future growth, our business would be harmed. Moreover, if the assumptions that we use to plan our business are incorrect or change in reaction to changes in our market, or we are unable to maintain consistent revenue or revenue growth, our share price could be volatile, and it may be difficult to achieve and maintain profitability.
We have a history of losses, anticipate increases in our operating expenses in the future, and may not achieve or sustain profitability on a consistent basis. If we cannot achieve and sustain profitability, our business, financial condition, and operating results may be adversely affected.
We have incurred losses in each year since our inception, including net losses of approximately $130.7 million and $192.2 million in the fiscal 2020 and 2021, respectively. As of January 31, 2021, we had an accumulated deficit of approximately $398.2 million. While we have experienced significant growth in revenue in recent periods, we cannot assure you that we will achieve profitability in future periods or that, if at any time we are profitable, we will sustain profitability. We also expect our operating and other expenses to increase in the foreseeable future as we continue to invest for our future growth, including expanding our research and development function to drive further development of The DevOps Platform, expanding our sales and marketing activities, developing the functionality to expand into adjacent markets, and reaching customers in new geographic locations, which will negatively affect our operating results if our total revenue does not increase. In addition to the anticipated costs to grow our business, we also expect to incur significant additional legal, accounting, and other expenses as a newly public company. These efforts and additional expenses may be more costly than we expect, and we cannot guarantee that we will be able to increase our revenue to offset our operating expenses. Our revenue growth may slow or our revenue may decline for a number of reasons, including reduced demand for The DevOps Platform, increased competition, an increased use of our free product offerings, a decrease in the growth or reduction in size of our overall market, or if we cannot capitalize on growth opportunities. Further, as our SaaS offering makes up an increasing percentage of our total revenue, we expect to see increased associated cloud-related costs, such as hosting and managing costs, which may adversely impact our gross margins. Any failure to increase our revenue or to manage our costs as we continue to grow and invest in our business would prevent us from achieving or maintaining profitability or maintaining
18


positive operating cash flow at all or on a consistent basis, which would cause our business, financial condition, and results of operations to suffer.
As we continue to invest in infrastructure, develop our services and features, increase our headcount and expand our sales and marketing activity, we may continue to have losses in future periods and these may increase significantly. As a result, our losses in future periods may be significantly greater than the losses we would incur if we developed our business more slowly. In addition, we may find that these efforts require greater investment of time, human and capital resources than we currently anticipate and/or that they may not result in increases in our revenues or billings. Any failure by us to achieve and sustain profitability on a consistent basis could cause the value of our Class A common stock to decline.
We face intense competition and could lose market share to our competitors, which would adversely affect our business, operating results, and financial condition.
The markets for our services are highly competitive, with limited barriers to entry. Competition presents an ongoing threat to the success of our business. We expect competition in the software business generally, and in web-based code hosting and collaboration services, in particular, to continue to increase. We expect to continue to face intense competition from current competitors, as well as from new entrants into the market. If we are unable to anticipate or react to these challenges, our competitive position would weaken, and we would experience a decline in revenue or reduced revenue growth, and loss of market share that would adversely affect our business, financial condition, and operating results.
We face competition in several areas due to the nature of our product. Our product offering is broad across ten stages of the software development lifecycle which has us competing with many providers with offerings from one to all ten stages. We compete with well-established providers such as Atlassian and Microsoft as well as other companies with offerings in fewer stages including with respect to both code hosting and code collaboration services, as well as file storage and distribution services. Many of our competitors are significantly larger than we are and have more capital to invest in their businesses.
We believe that our ability to compete depends upon many factors both within and beyond our control, including the following:
ability of our products or of those of our competitors to deliver the positive business outcomes prioritized and valued by our customers and prospects;
our ability to price our products competitively, including our ability to transition users of our free product offering to a paying version of The DevOps Platform;
the amount and quality of communications, postings, and sharing by our users on public forums, which can promote improvements on The DevOps Platform but may also lead to disclosure of commercially sensitive details;
the timing and market acceptance of services, including the developments and enhancements to those services offered by us or our competitors;
our ability to monetize activity on our services;
customer service and support efforts;
sales and marketing efforts;
ease of use, performance and reliability of solutions developed either by us or our competitors;
our ability to manage our operations in a cost effective manner;
insolvency or credit difficulties confronting our customers, affecting their ability to purchase or pay for our product offering;
19


our reputation and brand strength relative to our competitors;
introduction of new technologies or standards that compete with or are unable to be adopted in our products;
ability to attract new team members or retain existing team members which could affect our ability to attract new customers, service existing customers, enhance our product or handle our business needs;
our ability to maintain and grow our community of users; and
the length and complexity of our sales cycles.
Many of our current and potential competitors have greater financial, technical, marketing and other resources and larger customer bases than we do. Furthermore, our current or potential competitors may be acquired by third parties with greater available resources and the ability to initiate or withstand substantial price competition. In addition, many of our competitors have established sales and marketing relationships and access to larger customer bases. Our competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their product offerings or resources. These factors may allow our competitors to respond more quickly than we can to new or emerging technologies and changes in customer preferences. These competitors may engage in more extensive research and development efforts, undertake more far-reaching marketing campaigns and adopt more aggressive pricing policies which may undercut our pricing policies and allow them to build a larger user base or to monetize that user base more effectively than us. If our competitors’ products, platforms, services or technologies maintain or achieve greater market acceptance than ours, if they are successful in bringing their products or services to market earlier than ours, or if their products, platforms or services are more technologically capable than ours, then our revenues could be adversely affected. In addition, some of our competitors may offer their products and services at a lower price. If we are unable to achieve our target pricing levels, our operating results would be negatively affected. Pricing pressures and increased competition could result in reduced sales, reduced margins, losses or a failure to maintain or improve our competitive market position, any of which could adversely affect our business.
The market for our services is new and unproven and may not grow, which would adversely affect our future results and the trading price of our common stock.
Because the market for our services is relatively new and rapidly evolving, it is difficult to predict customer adoption, customer demand for our services, the size and growth rate of this market, the entry of competitive products or the success of existing competitive services. Any expansion or contraction in our market depends on a number of factors, including the cost, performance and perceived value associated with our services and the appetite and ability of customers to use and pay for the services we provide. Further, even if the overall market for the type of services we provide continues to grow, we face intense competition from larger and more well-established providers and we may not be able to compete effectively or achieve market acceptance of our products. If we or other software and SaaS providers experience security incidents, loss of customer data, or disruptions in delivery or service, the market for these applications as a whole, including The DevOps Platform and products, may be negatively affected. If the market for our services does not achieve widespread adoption, we do not compete effectively in this market, or there is a reduction in demand for our software or our services in our market caused by a lack of customer acceptance, implementation challenges for deployment, technological challenges, lack of accessible data, competing technologies and services, decreases in corporate spending, including as a result of the COVID-19 pandemic, weakening economic conditions, or otherwise, it could result in reduced customer orders and decreased revenues, which would adversely affect our business operations and financial results.
We are dependent on sales and marketing strategies to drive our growth in our revenue. These sales and marketing strategies may not be successful in continuing to generate sufficient sales
20


opportunities. Any decline in our customer renewals and expansions could harm our future operating results.
Our business model depends on generating and maintaining a large user base that is extremely satisfied with The DevOps Platform. We rely on satisfied customers to expand their footprint by buying new products and services and adding additional users. The model is dependent on converting non-paying users to paying users. We have limited historical data with respect to the number of current and previous free users and the rates in which customers convert to paying customers, so we may not accurately predict future customer purchasing trends. In future periods, our growth could slow or our profits could decline for several reasons, including decreased demand for our product offerings and our professional services, increased competition, a decrease in the growth of our overall market, a decrease in corporate spending, or our failure, for any reason, to continue to capitalize on growth opportunities. We may be forced to change or abandon our subscription based revenue model in order to compete with our competitors’ offerings.
It could also become increasingly difficult to predict revenue and timing of collections as our mix of annual, multi-year and other types of transactions changes as a result of our expansion into cloud-based offerings. Our failure to execute on our revenue projections could impair our ability to meet our business objectives and adversely affect our results of operations and financial condition.
Our future success also depends in part on our ability to sell more subscriptions and additional services to our current customers. If our customers do not purchase additional subscriptions and services from us, our revenue may decline and our operating results may be harmed. Paying customers may decline or fluctuate as a result of a number of factors, including their satisfaction with our services and our end-customer support, the frequency and severity of product outages, our product uptime or latency, their satisfaction with the speed of delivering new features, and the pricing of our, or competing, services. We have limited historical data with respect to rates of paying customers buying more seats, uptiering, downtiering and churning, so we may not accurately predict future customer trends.
Our customer expansions and renewals may decline or fluctuate as a result of a number of factors, including: quality of our sales efforts customer usage, customer satisfaction with our services and customer support, our prices, the prices of competing services, mergers and acquisitions affecting our customer base, the effects of global economic conditions, or reductions in our customers’ spending levels generally.
Further, we have discontinued our starter and bronze tier product offerings, and users of these products will be required to upgrade to our paid offerings, switch to our free product or discontinue using our products. We cannot assure you that our customers will purchase our products, and if our end-customers do not purchase our products, our revenues may grow more slowly than expected or decline.
Transparency is one of our core values. While we will continue to prioritize transparency, we must also promote "responsible" transparency as transparency can have unintended negative consequences.
Transparency is one of our core values. As an all-remote open-source software company, we believe transparency is essential to how we operate our business and interact with our team members, the community, and our customers. We also find it to be critical for team member recruitment, retention, efficiency and our culture. In addition, our transparency is highly valued by both our customers and our contributors. While we will continue to emphasize transparency, we also promote and educate our team members about responsible internal and external transparency, as openly sharing certain types of information can potentially lead to unintended, and sometimes negative, consequences.
As a result of our transparency, our competitors and other outside parties may have access to certain information that is often kept confidential or internal at other companies through our Handbook, our team members’ open and public use of The DevOps Platform to run our business, and other avenues of communication we commonly use. The public availability of this information may allow our competitors to
21


take advantage of certain of our innovations, and may allow parties to take other actions, including litigation, that may have an adverse impact on our operating results or cause reputational harm, which in turn may have a negative economic impact.
As a public company, we will also be subject to Regulation FD, which imposes restrictions on the selective disclosure of material information to stockholders and other market participants, and other regulations. We will need to implement additional internal controls to maintain compliance with Regulation FD. However, if as a result of our transparency we disclose material information in a non-Regulation FD compliant matter, we may be subject to heightened regulatory and litigation risk.
The Handbook may not be up to date or accurate, which may result in negative third party scrutiny or be used in ways that adversely affects our business.
Consistent with our commitment to our transparency and efficiency values, we maintain a publicly available company Handbook that contains important information about our operations and business practices. This Handbook is open to the public and may be used by our competitors or bad actors in malicious ways that may adversely affect our business, operating results, and financial condition. Although we aim to keep the Handbook updated, the information in the Handbook may not be up to date at all times. Also, because any of our team members can contribute to the Handbook, the information in the Handbook may not be accurate. As a public company, we will need to implement disclosure controls and procedures, including internal controls over financial reporting, that comply with the U.S. securities law. As part of this process we intend to implement further controls around our company Handbook; however, if we fail to successfully implement the appropriate controls, we may face unintended disclosures of material information about the company through our Handbook, which lead to disclosure control failures, potential securities law violations, and reputational harm.
Security and privacy breaches may hurt our business.
The DevOps Platform processes, stores, and transmits our customers’ proprietary and sensitive data, including personal information, and financial data. We also use third-party service providers and sub-processors to help us deliver services to our customers and their end-users. These vendors may store or process personal information, or other confidential information of our team members, our partners, our customers, or our customers’ end-users. We collect such information from individuals located both in the United States and abroad and may store or process such information outside the country in which it was collected. While we, our third-party cloud providers, our third-party processors, and our customers have implemented security measures designed to protect against security breaches, these measures could fail or may be insufficient, resulting in the unauthorized access or disclosure, modification, misuse, destruction, or loss of our or our customers’ data or other sensitive information. Any security breach of The DevOps Platform, our operational systems, physical facilities, or the systems of our third-party processors, or the perception that one has occurred, could result in litigation, indemnity obligations, regulatory enforcement actions, investigations, compulsory audits, fines, penalties, mitigation and remediation costs, disputes, reputational harm, diversion of management’s attention, and other liabilities and damage to our business. Even though we do not control the security measures of our customers and other third parties, we may be responsible for any breach of such measures or suffer reputational harm even where we do not have recourse to the third party that caused the breach. In addition, any failure by our vendors to comply with applicable law or regulations could result in proceedings against us by governmental entities or others.
Security incidents compromising the confidentiality, integrity, and availability of our confidential or personal information and our and our third-party service providers’ information technology systems could result from cyber-attacks, denial-of-service attacks, social engineering, including ransomware attacks, business email compromises, computer malware, viruses, and social engineering (including phishing), which are prevalent in our industry and our customers’ industries. Any security breach or disruption could result in the loss or destruction of or unauthorized access to, or use, alteration, disclosure, or acquisition of confidential and personal information, which may cause damage to our reputation, early termination of
22


our contracts, litigation, regulatory investigations or other liabilities. If our, our customers’, or our partners’ security measures are breached as a result of third-party action, team member error, malfeasance or otherwise and, as a result, someone obtains unauthorized access to the GitLab application or data, including personal and/or confidential information of our customers, our reputation will be damaged, our business may suffer loss of current customers and future opportunities and we could incur significant liability significant financial liability including fines, cost of recovery, and costs related to remediation measures.
Techniques used to obtain unauthorized access or to sabotage systems change frequently. As a result, we may be unable to fully anticipate these techniques or to implement adequate preventative measures. If an actual or perceived security breach occurs, the market perception of our security measures could be harmed, and we could lose sales and customers. If we are, or are perceived to be, not in compliance with data protection, consumer privacy, or other legal or regulatory requirements or operational norms bearing on the collection, processing, storage, or other treatment of data records, including personal information, our reputation and operating performance may suffer. Further, we need to continually monitor and remain compliant with all applicable changes in local, state, national, or international legal or regulatory requirements. Any significant violations of data privacy could result in the loss of business, litigation, and regulatory investigations and penalties that could damage our reputation and adversely impact our results of operations and financial condition.
We have contractual and legal obligations to notify relevant stakeholders of security breaches. Most jurisdictions have enacted laws requiring companies to notify affected individuals, regulatory authorities, and relevant others of security breaches involving certain types of data, including personal information. In addition, our agreements with certain customers and partners may require us to notify them in the event of a security breach. Such mandatory disclosures are costly, could lead to negative publicity, may cause our customers to lose confidence in the effectiveness of our security measures, and require us to expend significant capital and other resources to respond to or alleviate problems caused by the actual or perceived security breach.
A security breach may cause us to breach customer contracts. Our agreements with certain customers may require us to use industry-standard or reasonable measures to safeguard sensitive personal information or confidential information. A security breach could lead to claims by our customers, their end-users, or other relevant stakeholders that we have failed to comply with such legal or contractual obligations. As a result, we could be subject to legal action or our customers could end their relationships with us. There can be no assurance that any limitations of liability in our contracts would be enforceable or adequate or would otherwise protect us from liabilities or damages.
Litigation resulting from security breaches may adversely affect our business. Unauthorized access to The DevOps Platform, systems, networks, or physical facilities could result in litigation with our customers, our customers’ end-users, or other relevant stakeholders. These proceedings could force us to spend money in defense or settlement, divert management’s time and attention, increase our costs of doing business, or adversely affect our reputation. We could be required to fundamentally change our business activities and practices or modify The DevOps Platform capabilities in response to such litigation, which could have an adverse effect on our business. If a security breach were to occur, and the confidentiality, integrity or availability of our data or the data of our partners, our customers or our customers’ end-users was disrupted, we could incur significant liability, or The DevOps Platform, systems, or networks may be perceived as less desirable, which could negatively affect our business and damage our reputation.
If we fail to detect or remediate a security breach in a timely manner, or a breach otherwise affects a large amount of data of one or more customers, or if we suffer a cyber-attack that impacts our ability to operate The DevOps Platform, we may suffer material damage to our reputation, business, financial condition, and results of operations. Further, while we maintain cyber insurance that may provide coverage for these types of incidents, such coverage may not be adequate to cover the costs and other liabilities related to these incidents. In addition, we cannot be sure that our existing insurance coverage
23


and coverage for errors and omissions will continue to be available on acceptable terms or that our insurers will not deny coverage as to any future claim. Our risks are likely to increase as we continue to expand The DevOps Platform, grow our customer base, and process, store, and transmit increasingly large amounts of proprietary and sensitive data.
We face heightened risk of security breaches because we use third-party open source technologies and incorporate a substantial amount of open source code in our products.
The DevOps Platform is built using open-source technology. Using or incorporating any third-party technology can become a vector for supply-chain cyber-attacks, denial-of-service attacks, ransomware attacks, business email compromises, computer malware, viruses, and social engineering (including phishing) are prevalent in our industry and our customers’ industries, and our use of open-source technology may, or may be perceived to, leave us more vulnerable to security attacks. We have previously been, and may in the future become, the target of cyber-attacks by third parties seeking unauthorized access to our or our customers’ data or to disrupt our operations or ability to provide our services. If we are the target of cyber-attacks as a result of our use of open source code, it may substantially damage our reputation and adversely impact our results of operations and financial condition.
Customers may choose to stay on our free product offering instead of converting into a paying customer.
Our future success depends, in part, on our ability to convert users of our free product offering into paying customers by selling additional products, and by upselling additional subscription services. This may require increasingly sophisticated and costly sales efforts and may not result in additional sales. In addition, the rate at which our end-customers purchase additional products and services depends on a number of factors, including the perceived need for additional products and services as well as general economic conditions. If our efforts to sell additional products and services to our end-customers are not successful, our business may suffer.
Our operating results may fluctuate significantly, which could make our future results difficult to predict and could adversely affect the trading price of our common stock.
Our operating results may vary significantly from period to period, which could adversely affect our business, operating results and financial condition. Our operating results have varied significantly from period to period in the past, and we expect that our operating results will continue to vary significantly in the future such that period-to-period comparisons of our operating results may not be meaningful. Accordingly, our financial results in any one quarter or fiscal year should not be relied upon as indicative of future performance. Our quarterly or annual financial results may fluctuate as a result of several factors, many of which are outside of our control and may be difficult to predict, including:
our ability to attract and retain new customers;
the addition or loss of material customers, including through acquisitions or consolidations;
the timing of recognition of revenues;
the amount and timing of operating expenses related to the maintenance and expansion of our business, operations and infrastructure;
general economic, industry and market conditions, including the potential effects of the current COVID-19 pandemic;
customer renewal rates;
our ability to convert users of our free product offerings into subscribing customers;
24


increases or decreases in the number of elements of our services or pricing changes upon any renewals of customer agreements;
seasonal variations in sales of our products;
the timing and success of new service introductions by us or our competitors or any other change in the competitive dynamics of our industry, including consolidation among competitors, customers or strategic partners;
decisions by potential customers to use products of our competitors;
the timing of expenses related to the development or acquisition of technologies or businesses and potential future charges for impairment of goodwill from acquired companies;
extraordinary expenses such as litigation or other dispute-related settlement payments or outcomes;
general economic, industry, and market conditions, in both domestic and our foreign markets;
future accounting pronouncements or changes in our accounting policies or practices;
negative media coverage or publicity;
political events;
the amount and timing of operating costs and capital expenditures related to the expansion of our business, in the U.S. and foreign markets;
the cost to develop and upgrade The DevOps Platform to incorporate new technologies; and
increases or decreases in our expenses caused by fluctuations in foreign currency exchange rates.
In addition, we experience seasonal fluctuations in our financial results as we typically receive a higher percentage of our annual orders from new customers, as well as renewal orders from existing customers, in our fourth fiscal quarter as compared to other quarters due to the annual budget approval process of many of our customers.
Any of the above factors, individually or in the aggregate, may result in significant fluctuations in our financial and other operating results from period to period. As a result of this variability, our historical operating results should not be relied upon as an indication of future performance. Moreover, this variability and unpredictability could result in our failure to meet our operating plan or the expectations of investors or analysts for any period. If we fail to meet such expectations for the reasons described above or any other reasons, our stock price could fall substantially.
We have a limited operating history, which makes it difficult to evaluate our current business and future prospects and may increase the risks associated with your investment.
We were formed on September 10, 2014, and have a limited operating history for our current business upon which our operations and future prospects may be evaluated. As a result of our limited operating history, our ability to forecast our future operating results is limited and subject to a number of uncertainties, including our ability to plan for and model future growth. We also have operating plans that may or may not be achieved and prior achievement of our operating plans is not an indication of future achievement. We have further streamlined our business by reducing the tiers of The DevOps Platform available to purchase from three to two, which may reduce our ability to forecast expected future growth. We have encountered and will encounter risks and uncertainties frequently experienced by growing companies in rapidly changing industries, such as the risks and uncertainties described herein. If our assumptions regarding these risks and uncertainties (which we use to plan our business) are incorrect or
25


change due to changes in our markets, or if we do not address these risks successfully, our operating and financial results could differ materially from our expectations and our business could suffer. We cannot provide assurance that we will be successful in addressing these and other challenges we may face in the future.
We have experienced rapid growth in recent periods. If we fail to manage our growth effectively, we may be unable to execute our business plan, maintain high levels of service, or adequately address competitive challenges.
We have experienced a period of rapid growth in our headcount and operations. We anticipate that we will continue to expand our headcount and operations in the near term. This growth has placed, and future growth will place, a significant strain on our management, administrative, operational and financial infrastructure. Our success will depend in part on our ability to manage this growth effectively. To manage the expected growth of our operations and talent, we will need to continue to improve our operational, financial and management controls and our reporting systems and procedures. Failure to effectively manage growth could result in difficulty or delays in deploying customers, declines in quality or customer satisfaction, increases in costs, difficulties in introducing new features or other operational difficulties, and any of these difficulties could adversely impact our business performance and results of operations. Furthermore, there is no assurance that our rate of growth will continue, if at all.
We may not be able to respond to rapid technological changes with new solutions, which could have a material adverse effect on our operating results.
The DevOps market is characterized by rapid technological change, fluctuating price points, and frequent new product and service introductions. Our ability to increase our user base and increase revenue from existing customers will depend heavily on our ability to enhance and improve our existing solutions, introduce new features and products, both independently and in conjunction with third party developers, reach new platforms and sell into new markets. Customers may require features and capabilities that our current solutions do not have. If we fail to develop solutions that satisfy customer preferences in a timely and cost-effective manner, we may fail to renew our subscriptions with existing customers and create or increase demand for our solutions, and our business may be materially and adversely affected.
The introduction of new services by competitors or the development of entirely new technologies to replace existing offerings could make our solutions obsolete or adversely affect our business. In addition, any new markets or countries into which we attempt to sell our solutions may not be receptive. We may experience difficulties with software development, design, or marketing that could delay or prevent our development, introduction, or implementation of new solutions and enhancements. We have in the past experienced delays in the planned release dates of new features and upgrades, and have discovered defects in new solutions after their introduction. There can be no assurance that new solutions or upgrades will be released according to schedule, or that when released they will not contain defects. Either of these situations could result in adverse publicity, loss of revenue, delay in market acceptance, or claims by customers brought against us, all of which could have a material adverse effect on our reputation, business, operating results, and financial condition. Moreover, upgrades and enhancements to our solutions may require substantial investment and we have no assurance that such investments will be successful. If users do not widely adopt enhancements to our solutions, we may not be able to realize a return on our investment. If we are unable to develop, license, or acquire enhancements to our existing solutions on a timely and cost-effective basis, or if such enhancements do not achieve market acceptance, our business, operating results, and financial condition may be adversely affected.
26


We do not have an adequate history with our subscription or pricing models to accurately predict the long-term rate of customer subscription renewals or adoption, or the impact these renewals and adoption will have on our revenues or operating results.
We have limited experience with respect to determining the optimal prices for our services. As the markets for our services mature, or as new competitors introduce new products or services that are similar to or compete with ours, we may be unable to attract new customers at the same price or based on the same pricing model as we have used historically. Moreover, some customers may demand greater price concessions or additional functionality at the same price levels. As a result, in the future we may be required to reduce our prices or provide more features without corresponding increases in price, which could adversely affect our revenues, gross margin, profitability, financial position and cash flow.
In addition, our customers have no obligation to renew their subscriptions for our services after the expiration of the initial subscription period. Substantially all of our subscriptions are on a one-year period. Our customers may renew for fewer elements of our services or negotiate for different pricing terms. We have limited historical data with respect to rates of customer subscription renewals, so we cannot accurately predict customer renewal rates. Our customers’ renewal rates may decline or fluctuate as a result of a number of factors, including their dissatisfaction with our pricing or our services, their ability to continue their operations and spending levels, and changes in other technology components used within the customer’s organization, such as recruitment, advertising, and applicant tracking system capabilities. Changes in product packaging, pricing strategy or product offerings may not be seen favorably by our customers and may have an adverse effect on our ability to retain our current customers and acquire new ones. For example, we have discontinued our starter and bronze tier product offerings, which may cause customers who previously used these tiers to opt for our free version or to cease using our products completely. If our customers do not renew their subscriptions on similar pricing terms, our revenues may decline, and our business could suffer. In addition, over time the average term of our contracts could change based on renewal rates or for other reasons.
If we are not able to provide successful enhancements, new products, services, and features, our business could be adversely affected.
If we are unable to provide enhancements and new features for our existing services or new services that achieve market acceptance or that keep pace with rapid technological developments and the competitive landscape, our business could be adversely affected. The success of new services and enhancements depends on several factors, including the timely delivery, introduction and market acceptance of such services. Failure in this regard may significantly impair our revenue growth. In addition, because our services are designed to operate on a variety of systems and platforms, some controlled by third parties including competitors, we will need to continuously modify and enhance them to keep pace with changes in Internet-related hardware, operating systems, cloud computing infrastructure, and other software, communication, browser and open source technologies. We may not be successful in either developing these modifications and enhancements or in bringing them to market in a timely fashion. Furthermore, uncertainties about the timing and nature of new network platforms or technologies, or modifications to existing platforms or technologies, could increase our research and development expenses. Any failure of our services to operate effectively with future network platforms and technologies could reduce the demand for our services, result in customer dissatisfaction, and adversely affect our business.
Failure to effectively expand our marketing and sales capabilities could harm our ability to increase our customer base and achieve broader market acceptance of our services.
Our ability to increase our customer base and achieve broader market acceptance of our services will depend to a significant extent on our ability to continue to expand our marketing and sales operations. We plan to continue expanding our sales force. We also plan to dedicate significant and increasing resources to sales and marketing programs. We are expanding our marketing and sales capabilities to target additional potential customers, including some larger organizations, but there is no guarantee that we will
27


be successful attracting and maintaining these businesses as customers, and even if we are successful, these efforts may divert our resources away from and negatively impact our ability to attract and maintain our current customer base. All of these efforts will require us to invest significant financial and other resources. If we are unable to find efficient ways to deploy our marketing spend or to hire, develop, and retain talent in numbers required to maintain and support our growth, if our new sales talent are unable to achieve desired productivity levels in a reasonable period of time, or if our sales and marketing programs are not effective, our ability to increase our customer base and achieve broader market acceptance of our services could be harmed.
Any failure to offer high-quality technical support services may adversely affect our relationships with our customers and our financial results.
Once our products are deployed, our customers depend on our technical support organization to assist customers with service customization and optimization and resolve technical issues. We may be unable to respond quickly enough to accommodate short-term increases in customer demand for support services. We also may be unable to modify the format of our support services to compete with changes in support services provided by our competitors. Increased customer demand for these services, without corresponding revenues, could increase costs and adversely affect our operating results. In addition, our sales process is highly dependent on our services and business reputation and on positive recommendations from our existing customers. Any failure to maintain high-quality technical support, or a market perception that we do not maintain high-quality support, could adversely affect our reputation, our ability to sell our services to existing and prospective customers, and our business, operating results and financial position.
Customers may demand more configuration and integration services, or customized features and functions that we do not offer, which could adversely affect our business and operating results.
Our current and future customers may demand more configuration and integration services, which increase our up front investment in sales and deployment efforts, with no guarantee that these customers will increase the scope of their subscription. As a result of these factors, we may need to devote a significant amount of sales support and professional services resources to individual customers, increasing the cost and time required to complete sales. If prospective customers require customized features or functions that we do not offer, and that would be difficult for them to deploy themselves, then the market for our applications will be more limited and our business could suffer.
If we fail to adapt and respond effectively to rapidly changing technology, evolving industry standards, and changing customer needs, requirements, or preferences, our services may become less competitive.
Our industry is subject to rapid technological change, evolving industry standards and practices, and changing customer needs, requirements, and preferences. The success of our business will depend, in part, on our ability to adapt and respond effectively to these changes on a timely basis. If we are unable to develop and sell new services that satisfy our customers and provide enhancements and new features for our existing services that keep pace with rapid technological and industry change, our revenue and operating results could be adversely affected. If new technologies emerge that are able to deliver competitive products at lower prices, more efficiently, more conveniently, or more securely, such technologies could adversely impact our ability to compete.
Our services must also integrate with a variety of network, hardware, mobile, cloud, and software platforms and technologies, and we need to continuously modify and enhance our services to adapt to changes and innovation in these technologies. If developers widely adopt new software platforms, we would have to develop new versions of our products to work with those new platforms. This development effort may require significant engineering, marketing, and sales resources, all of which would affect our business and operating results. Any failure of our services to operate effectively with future infrastructure platforms and technologies could reduce the demand for our products. If we are unable to respond to
28


these changes in a cost-effective manner, our services may become less marketable and less competitive or obsolete, and our operating results may be negatively affected.
If our services fail to perform properly, whether due to material defects with the software or external issues, our reputation could be adversely affected, our market share could decline, and we could be subject to liability claims.
Our products are inherently complex and may contain material defects, software “bugs” or errors. Any defects in functionality or that cause interruptions in the availability of our products could result in:
loss or delayed market acceptance and sales;
breach of warranty claims;
sales credits or refunds for prepaid amounts related to unused subscription services;
loss of customers;
diversion of development and customer service resources; and
injury to our reputation.
The costs incurred in correcting any material defects, software “bugs” or errors might be substantial and could adversely affect our operating results.
We increasingly rely on information technology systems to process, transmit and store electronic information. Our ability to effectively manage our business depends significantly on the reliability and capacity of these systems. The future operation, success and growth of our business depends on streamlined processes made available through information systems, global communications, internet activity, and other network processes. The future operation, success and growth of our business depends on streamlined processes made available through information systems, global communications, internet activity, and other network processes.
Our information technology systems may be subject to damage or interruption from telecommunications problems, data corruption, software errors, fire, flood, global pandemics and natural disasters, power outages, systems disruptions, system conversions, and/or human error. Our existing safety systems, data backup, access protection, user management and information technology emergency planning may not be sufficient to prevent data loss or long-term network outages. In addition, we may have to upgrade our existing information technology systems or choose to incorporate new technology systems from time to time in order for such systems to support the increasing needs of our expanding business. Costs and potential problems and interruptions associated with the implementation of new or upgraded systems and technology or with maintenance or adequate support of existing systems could disrupt or reduce the efficiency of our operations.
We may also encounter service interruptions due to issues interfacing with our customer’s IT systems, including stack misconfigurations or improper environment scaling, or due to cyber security attacks on ours or our clients’ IT systems. Any such service interruption may have an adverse impact on our reputation and future operating results.
Because of the large amount of data that our customers collect and manage by means of our services, it is possible that failures or errors in our systems could result in data loss or corruption, or cause the information that we or our customers collect to be incomplete or contain inaccuracies that our customers regard as material. Furthermore, the availability or performance of our products could be adversely affected by a number of factors, including customers’ inability to access the Internet, the failure of our network or software systems, security breaches, or variability in user traffic for our services. We may be required to issue credits or refunds for prepaid amounts related to unused services or otherwise be liable to our customers for damages they may incur resulting from certain of these events. For
29


example, our customers access our products through their Internet service providers. If a service provider fails to provide sufficient capacity to support our products, otherwise experiences service outages, or intentionally or unintentionally restricts or limits our ability to send, deliver, or receive electronic communications or provide services, such failure could interrupt our customers’ access to our products, adversely affect their perception of our products’ reliability and reduce our revenues. In addition to potential liability, if we experience interruptions in the availability of our products or services, our reputation could be adversely affected and we could lose customers. Further, while we have in place a data recovery plan, our data backup systems are not geographically diverse or multi-hosted and our data recovery plans may be insufficient to fully recover all of ours or our customers’ data hosted on our system.
While we currently maintain errors and omissions insurance, it may be inadequate or may not be available in the future on acceptable terms, or at all. In addition, our policy may not cover all claims made against us and defending a suit, regardless of its merit, could be costly and divert management’s attention.
Our channel partners may provide a poor experience to customers putting our brand or company growth at risk. Channel partners may deliver poor services or a poor selling experience delaying customer purchase or hurting the company brand.
In addition to our direct sales force, we use channel partners to sell and support our products. Channel partners may become an increasingly important aspect of our business, particularly with regard to enterprise, governmental, and international sales. Our future growth in revenue and ability to achieve and sustain profitability may depend in part on our ability to identify, establish, and retain successful channel partner relationships in the United States and internationally, which will take significant time and resources and involve significant risk. If we are unable to maintain our relationships with these channel partners, or otherwise develop and expand our indirect distribution channel, our business, operating results, financial condition, or cash flows could be adversely affected.
We cannot be certain that we will be able to identify suitable indirect sales channel partners. To the extent we do identify such partners, we will need to negotiate the terms of a commercial agreement with them under which the partner would distribute The DevOps Platform. We cannot be certain that we will be able to negotiate commercially-attractive terms with any channel partner, if at all. In addition, all channel partners must be trained to distribute The DevOps Platform. In order to develop and expand our distribution channel, we must develop and improve our processes for channel partner introduction and training. If we do not succeed in identifying suitable indirect sales channel partners, our business, operating results, and financial condition may be adversely affected.
We also cannot be certain that we will be able to maintain successful relationships with any channel partners and, to the extent that our channel partners are unsuccessful in selling our products, our ability to sell our products and our business, operating results, and financial condition could be adversely affected. Our channel partners may offer customers the products and services of several different companies, including products and services that compete with our products. Because our channel partners generally do not have an exclusive relationship with us, we cannot be certain that they will prioritize or provide adequate resources to sell our products. Moreover, divergence in strategy by any of these channel partners may materially adversely affect our ability to develop, market, sell, or support our products. We cannot assure you that our channel partners will continue to cooperate with us. In addition, actions taken or omitted to be taken by such parties may adversely affect us. In addition, we rely on our channel partners to operate in accordance with the terms of their contractual agreements with us. For example, our agreements with our channel partners limit the terms and conditions pursuant to which they are authorized to resell or distribute our products and offer technical support and related services. We also typically require our channel partners to represent to us the dates and details of products sold through to our customers. If our channel partners do not comply with their contractual obligations to us, our business, operating results, and financial condition may be adversely affected.
30


We track certain performance metrics with internal tools and data models and do not independently verify such metrics. Certain of our performance metrics are subject to inherent challenges in measurement, and real or perceived inaccuracies in such metrics may harm our reputation and negatively affect our business.
Our internal tools and data models have a number of limitations and our methodologies for tracking these metrics may change over time, which could result in unexpected changes to our metrics, including the metrics we report. If the internal tools we use to track these metrics undercount or overcount performance or contain algorithmic or other technical errors, the data we report may not be accurate. In addition, limitations or errors with respect to how we measure data (or the data that we measure) may affect our understanding of certain details of our business, which could affect our longer-term strategies. If our performance metrics are not accurate representations of our business, user base, or traffic levels; if we discover material inaccuracies in our metrics; or if the metrics we rely on to track our performance do not provide an accurate measurement of our business, our reputation may be harmed, we may be subject to legal or regulatory actions, and our operating and financial results could be adversely affected.
We rely to a significant degree on a number of independent open source software programmers, to develop and enhance the open source technologies we use to provide our products and services.
In our development process we rely upon numerous open source software programs which are outside of our direct control. Members of corresponding leadership committees and core teams, many of whom are not employed by us, are primarily responsible for the oversight and evolution of the codebases of these open source technologies. If the project committers and contributors fail to adequately further develop and enhance open source technologies, or if the leadership committees fail to oversee and guide the evolution of the open source technologies in the manner that we believe is appropriate to maximize the market potential of our offerings, then we would have to rely on other parties, or we would need to expend additional resources, to develop and enhance our offerings. We also must devote adequate resources to our own internal programmers to support their continued development and enhancement of open source technologies, and if we do not do so, we may have to turn to third parties or experience delays in developing or enhancing open source technologies. We cannot predict whether further developments and enhancements to these technologies would be available from reliable alternative sources. In either event, our development expenses could be increased, and our technology release and upgrade schedules could be delayed. Delays in developing, completing, or delivering new or enhanced offerings could cause our offerings to be less competitive, impair customer acceptance of our offerings and result in delayed or reduced revenue for our offerings.
Our failure or inability to protect our intellectual property rights, or claims by others that we are infringing upon or unlawfully using their intellectual property, could diminish the value of our brand and weaken our competitive position, and adversely affect our business, financial condition, operating results, and prospects.
We currently rely on a combination of copyright, trademark, trade secret, and unfair competition laws, as well as confidentiality agreements and procedures and licensing arrangements, to establish and protect our intellectual property rights. We have devoted substantial resources to the development of our proprietary technologies and related processes. In order to protect our proprietary technologies and processes, we rely in part on trade secret laws and confidentiality agreements with our team members, licensees, independent contractors, commercial partners, and other advisors. These agreements may not effectively prevent disclosure of confidential information and may not provide an adequate remedy in the event of unauthorized disclosure of confidential information. We cannot be certain that the steps taken by us to protect our intellectual property rights will be adequate to prevent infringement of such rights by others. Additionally, the process of obtaining patent or trademark protection is expensive and time-consuming, and we may not be able to prosecute all necessary or desirable patent applications or apply for all necessary or desirable trademark applications at a reasonable cost or in a timely manner. Moreover, intellectual property protection may be unavailable or limited in some foreign countries where laws or law enforcement practices may not protect our intellectual property rights as fully as in the United
31


States, and it may be more difficult for us to successfully challenge the use of our intellectual property rights by other parties in these countries. Costly and time-consuming litigation could be necessary to enforce and determine the scope of our proprietary rights, and our failure or inability to obtain or maintain trade secret protection or otherwise protect our proprietary rights could adversely affect our business.
We may in the future be subject to patent infringement and trademark claims and lawsuits in various jurisdictions, and we cannot be certain that our products or activities do not violate the patents, trademarks, or other intellectual property rights of third-party claimants. Companies in the technology industry and other patent, copyright, and trademark holders seeking to profit from royalties in connection with grants of licenses own large numbers of patents, copyrights, trademarks, domain names, and trade secrets and frequently commence litigation based on allegations of infringement, misappropriation, or other violations of intellectual property or other rights. As we face increasing competition and gain an increasingly high profile, the intellectual property rights claims against us have grown and will likely continue to grow.
Further, from time to time, we may receive letters from third parties alleging that we are infringing upon their intellectual property rights or inviting us to license their intellectual property rights. Our technologies and other intellectual property may not be able to withstand such third-party claims, and successful infringement claims against us could result in significant monetary liability, prevent us from selling some of our products and services, or require us to change our branding. In addition, resolution of claims may require us to redesign our products, license rights from third parties at a significant expense, or cease using those rights altogether. We may in the future bring claims against third parties for infringing our intellectual property rights. Costs of supporting such litigation and disputes may be considerable, and there can be no assurances that a favorable outcome will be obtained. Patent infringement, trademark infringement, trade secret misappropriation, and other intellectual property claims and proceedings brought against us or brought by us, whether successful or not, could require significant attention of our management and resources and have in the past and could further result in substantial costs, harm to our brand, and have an adverse effect on our business.
The estimates of market opportunity and forecasts of market growth included in this prospectus may prove to be inaccurate, and even if the market in which we compete achieves the forecasted growth, our business could fail to grow at similar rates, if at all.
The estimates of market opportunity and forecasts of market growth included in this prospectus may prove to be inaccurate. Market opportunity estimates and growth forecasts included in this prospectus, including those we have generated ourselves, are subject to significant uncertainty and are based on assumptions and estimates that may not prove to be accurate, including the risks described herein. Even if the market in which we compete achieves the forecasted growth, our business could fail to grow at similar rates, if at all.
The variables that go into the calculation of our market opportunity are subject to change over time, and there is no guarantee that any particular number or percentage of addressable users or companies covered by our market opportunity estimates will purchase our products at all or generate any particular level of revenue for us. Any expansion in our market depends on a number of factors, including the cost, performance, and perceived value associated with The DevOps Platform and those of our competitors. Even if the market in which we compete meets the size estimates and growth forecasted in this prospectus, our business could fail to grow at similar rates, if at all. Our growth is subject to many factors, including our success in implementing our business strategy, which is subject to many risks and uncertainties. Accordingly, the forecasts of market growth included in this prospectus should not be taken as indicative of our future growth.
32


We are or may be the defendant in lawsuits or other claims that could cause us to incur substantial liabilities.
We have from time to time been, and are likely to in the future become, defendants in actual or threatened lawsuits brought by or on behalf of our current and former team members, competitors, governmental or regulatory bodies, or third parties who use The DevOps Platform. The various claims in such lawsuits may include, among other things, negligence or misconduct in the operation of our business and provision of services, intellectual property infringement, unfair competition, or violation of employment or privacy laws or regulations. Such suits may seek, as applicable, direct, indirect, consequential, punitive or other penalties or damages, injunctive relief, and/or attorneys’ fees. It is not possible to predict the outcome of any such lawsuits, individually or in the aggregate. However, these lawsuits may consume substantial amounts of our financial and managerial resources and might result in adverse publicity, regardless of the ultimate outcome of the lawsuits. In addition, we and our subsidiaries may become subject to similar lawsuits in the same or other jurisdictions. An unfavorable outcome with respect to these lawsuits and any future lawsuits could, individually or in the aggregate, cause us to incur substantial liabilities that may have a material adverse effect upon our business, financial condition or results of operations. In addition, an unfavorable outcome in one or more of these cases could cause us to change our compensation plans for our team members, which could have a material adverse effect upon our business.
We may engage in merger and acquisition activities and joint ventures, which could require significant management attention, disrupt our business, dilute stockholder value, and adversely affect our operating results.
As part of our business strategy, we may make investments in other companies, products, or technologies and may seek to acquire other companies, products, or technologies in the future. We may not be able to find suitable acquisition candidates and we may not be able to complete acquisitions on favorable terms, if at all. Even if we complete acquisitions or joint ventures, we may not ultimately strengthen our competitive position or achieve our goals, and any acquisitions or joint ventures we complete could be viewed negatively by users or investors. In addition, if we fail to successfully integrate such acquisitions, or the assets, technologies or talent associated with such acquisitions, into our company, we may have depleted the company’s capital resources without attractive returns, and the revenue and operating results of the combined company could be adversely affected.
Acquisitions and joint ventures may disrupt our ongoing operations, divert management from their primary responsibilities, dilute our corporate culture, subject us to additional liabilities, increase our expenses, and adversely impact our business, financial condition, operating results, and cash flows. We may not successfully evaluate or utilize the acquired technology and accurately forecast the financial impact of an acquisition transaction, including accounting charges. We may have to pay cash, incur debt, or issue equity securities to pay for any such acquisition or joint venture, each of which could affect our financial condition or the value of our capital stock and could result in dilution to our stockholders. If we incur more debt it would result in increased fixed obligations and could also subject us to covenants or other restrictions that would impede or may be beyond our ability to manage our operations. Additionally, we may receive indications of interest from other parties interested in acquiring some or all of our business. The time required to evaluate such indications of interest could require significant attention from management, disrupt the ordinary functioning of our business, and adversely affect our operating results.
If our estimates or judgments relating to our critical accounting policies prove to be incorrect, our operating results could be adversely affected.
The preparation of financial statements in conformity with U.S. GAAP requires management to make estimates and assumptions that affect the amounts reported in the consolidated financial statements and accompanying notes. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances, as described in the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations” included
33


elsewhere in this prospectus. The results of these estimates form the basis for making judgments about the carrying values of assets, liabilities, and equity, and the amount of revenue and expenses that are not readily apparent from other sources. Significant assumptions and estimates used in preparing our consolidated financial statements include those related to revenue recognition, deferred revenue, accounting for income taxes, fair value of convertible preferred stock warrant liability, estimated customer life on deferred contract acquisition costs, foreign currency valuation, allowance for doubtful accounts, the fair value of financial assets and liabilities, including accounting and fair value of derivatives, and stock-based compensation expense. Our operating results may be adversely affected if our assumptions change or if actual circumstances differ from those in our assumptions, which could cause our operating results to fall below the expectations of securities analysts and investors, resulting in a decline in the price of our common stock.
Adverse tax laws or regulations could be enacted or existing laws could be applied to us or our customers, which could increase the costs of our services and adversely impact our business.
The application of federal, state, local, and international tax laws to services provided electronically is evolving. New income, sales, use, or other tax laws, statutes, rules, regulations or ordinances could be enacted at any time (possibly with retroactive effect), and could be applied solely or disproportionately to services provided over the Internet. These enactments could adversely affect our sales activity due to the inherent cost increase the taxes would represent and ultimately result in a negative impact on our operating results and cash flows.
In addition, existing tax laws, statutes, rules, regulations or ordinances could be interpreted, changed, modified or applied adversely to us (possibly with retroactive effect), which could require us or our customers to pay additional tax amounts, as well as require us or our customers to pay fines or penalties and interest for past amounts. If we are unsuccessful in collecting such taxes from our customers, we could be held liable for such costs, thereby adversely impacting our operating results and cash flows.
Furthermore, OECD Transfer Pricing Guidelines require us to analyze the functions performed by our entities, the risks incurred and the assets owned. This functional analysis is a control to sustain the operating margins of our entities and confirm arm’s length pricing for intercompany transactions. Competent authorities could interpret, change, modify or apply adversely, existing tax laws, statutes, rules, regulations or ordinances to us (possibly with retroactive effect); which could require us to make transfer pricing corrections or fines, penalties or interest for past amounts. We could be held liable for such costs, thereby adversely impacting our operating results and cash flows.
The termination of our relationship with our payment solutions providers could have a severe, negative impact on our ability to collect revenue from customers.
Most of our paying customers purchase our solutions using online payment solutions such as credit cards, and our business depends upon our ability to offer such payment options. The termination of our ability to process payments on any material payment option would significantly impair our ability to operate our business and significantly increase our administrative costs related to customer payment processing. If we fail to maintain our compliance with the data protection and documentation standards adopted by our payment processors and applicable to us, these processors could terminate their agreements with us, and we could lose our ability to offer our customers a credit card or other payment option. If these processors increase their payment processing fees because we experience excessive chargebacks or refunds or for other reasons, it could adversely affect our business and operating results. Increases in payment processing fees would increase our operating expense and adversely affect our operating results.
We process, store and use personal information and other data, which subjects us to governmental regulation and other legal obligations, including the United States, the European Union, or the E.U., and the United Kingdom, or the U.K., Canada, and Australia related to privacy, and our actual
34


or perceived failure to comply with such laws, regulations and contractual obligations could result in significant liability and reputational harm.
We receive, store and process personal information and other customer data. There are numerous federal, state, local and foreign laws regarding privacy and the storing, sharing, access, use, processing, disclosure and protection of personal information, personal data and other customer data, the scope of which are changing, subject to differing interpretations, and may be inconsistent among countries or conflict with other rules.
With respect to E.U. and U.K. team members, contractors and other personnel, as well as for our customers’ and prospective customers’ personal data, such as contact and business information, we are subject to the E.U. General Data Protection Regulation, or the GDPR, and applicable national implementing legislation of the GDPR, and the U.K. General Data Protection Regulation and U.K. Data Protection Act 2018, or the U.K. GDPR, respectively. We are a controller with respect to this data.
The GDPR/U.K. GDPR imposes stringent data protection requirements and, where we are acting as a controller, includes requirements to provide detailed disclosures about how personal data is collected and processed (in a concise, intelligible and easily accessible form); demonstrating that an appropriate legal basis is in place or otherwise exists to justify data processing activities; granting rights for data subjects in regard to their personal data including the right to be “forgotten”, the right to data portability and data subject access requests; the obligation to notify data protection regulators or supervisory authorities (and in certain cases, affected individuals) of significant data breaches; defining pseudonymized (key-coded) data; imposing limitations on retention of personal data; maintaining a record of data processing; and complying with the principle of accountability and the obligation to demonstrate compliance through policies, procedures, training and audit. Where we act as a processor and process personal data on behalf of our customers, we are required to execute mandatory data processing clauses with those customers and maintain a record of data processing, among other requirements under the GDPR/U.K. GDPR. The GDPR/U.K. GDPR provides for penalties for noncompliance of up to the greater of €20 million or 4% of worldwide annual revenues (in the case of the GDPR) or £17 million and 4% of worldwide annual revenue (in the case of the U.K. GDPR). As we are required to comply with both the GDPR and the U.K. GDPR, we could be subject to parallel enforcement actions with respect to breaches of the GDPR/U.K. GDPR which affects both E.U. and U.K. data subjects. In addition to the foregoing, a breach of the GDPR or U.K. GDPR could result in regulatory investigations, reputational damage, orders to cease or change our processing of our personal data, enforcement notices, and/or assessment notices (for a compulsory audit). We may also face civil claims including representative actions and other class action type litigation (where individuals have suffered harm), potentially amounting to significant compensation or damages liabilities, as well as associated costs, diversion of internal resources, and reputational harm.
The GDPR and U.K. GDPR requires, among other things, that personal information only be transferred outside of the European Economic Area, or the E.E.A., or the U.K., respectively to jurisdictions that have not been deemed adequate by the European Commission or by the U.K. data protection regulator, respectively, including the United States, if certain safeguards are taken to legitimize those data transfers. Recent legal developments in the E.U. have created complexity and uncertainty regarding such transfers. For example, on July 16, 2020, the European Court of Justice, or the CJEU, invalidated the E.U.-U.S. Privacy Shield framework, or the Privacy Shield. Further, the CJEU also advised that the Standard Contractual Clauses (a standard form of contract approved by the European Commission as an adequate personal data transfer mechanism and potential alternative to the Privacy Shield) were not alone sufficient to protect data transferred to the United States or other countries not deemed adequate. Use of the data transfer mechanisms must now be assessed on a case-by-case basis taking into account the legal regime applicable in the destination country, in particular applicable surveillance laws and rights of individuals, and additional measures and/or contractual provisions may need to be put in place. The European Data Protection Board issued additional guidance regarding the Court of Justice’s decision in November 2020, which imposes higher burdens on the use of data transfer mechanisms, such as the Standard Contractual Clauses, for cross-border data transfers. The CJEU also stated that if a competent
35


supervisory authority believes that the standard contractual clauses cannot be complied with in the destination country and that the required level of protection cannot be secured by other means, such supervisory authority is under an obligation to suspend or prohibit that transfer. Further, the European Commission published new versions of the Standard Contractual Clauses on June 4, 2021, which require implementation by September 27th, 2021 for new transfers, and by December 2022 for all existing transfers. These recent developments require us to review and amend our uses of Standard Contractual Clauses involving the transfer of E.E.A. data outside of the E.E.A. which could increase our compliance costs and adversely affect our business. The transfer of U.K. data outside of the U.K. and the E.E.A. will remain subject to the previous set of Standard Contractual Clauses as approved at the time of Brexit, but the Information Commissioner’s Office, or the ICO, in the U.K. will consult on new, U.K. specific, data transfer agreements this Summer 2021 and the ICO has stated that it is considering whether to recognize the new Standard Contractual Clauses in U.K. law, and therefore our U.K. data export arrangements may also require updating resulting in further compliance costs.
In addition, following the U.K.’s withdrawal from the E.U., the E.U. issued an adequacy decision in June 2021 in favor of the U.K. permitting data transfers from the E.U. to the U.K. However, this adequacy decision is subject to a four-year term, and the E.U. could intervene during the term if it determines that the data protection laws in the U.K. are not sufficient. If the adequacy decision is not renewed after its term, or the E.U. intervenes during the term, data may not be able to flow freely from the E.U. to the U.K. unless additional measures are taken. In which case, we may be required to find alternative solutions for the compliant transfer of personal data into the U.K. from the E.U. As supervisory authorities continue to issue further guidance on personal information (including regarding data export and circumstances in which we cannot use the standard contractual clauses), we could suffer additional costs, complaints, or regulatory investigations or fines, and if we are otherwise unable to transfer personal data between and among countries and regions in which we operate, it could affect the manner in which we provide our services, the geographical location or segregation of our relevant systems and operations, and could adversely affect our financial results. Loss, retention or misuse of certain information and alleged violations of laws and regulations relating to privacy and data security, and any relevant claims, may expose us to potential liability and may require us to expend significant resources on data security and in responding to and defending such allegations and claims.
We are also subject to evolving E.U. and U.K. privacy laws on cookies and e-marketing. In the E.U. and the U.K., regulators are increasingly focusing on compliance with requirements in the online behavioral advertising ecosystem, and current national laws that implement the ePrivacy Directive are highly likely to be replaced by an E.U. regulation known as the ePrivacy Regulation which will significantly increase fines for non-compliance. In the E.U. and the U.K., informed consent is required for the placement of a cookie or similar technologies on a user’s device and for direct electronic marketing. The GDPR also imposes conditions on obtaining valid consent, such as a prohibition on pre-checked consents and a requirement to ensure separate consents are sought for each type of cookie or similar technology. While the text of the ePrivacy Regulation is still under development, a recent European court decision and regulators’ recent guidance are driving increased attention to cookies and tracking technologies. If regulators start to enforce the strict approach in recent guidance, this could lead to substantial costs, require significant systems changes, limit the effectiveness of our marketing activities, divert the attention of our technology personnel, adversely affect our margins, increase costs and subject us to additional liabilities. Regulation of cookies and similar technologies, and any decline of cookies or similar online tracking technologies as a means to identify and potentially target users, may lead to broader restrictions and impairments on our marketing and personalization activities and may negatively impact our efforts to understand users.
We depend on a number of third parties in relation to the operation of our business, a number of which process personal data on our behalf or as our sub-processor. To the extent required by applicable law, we attempt to mitigate the associated risks of using third parties by performing security assessments and detailed due diligence, entering into contractual arrangements to ensure that providers only process personal data according to our instructions or equivalent instructions to the instructions of our customer
36


(as applicable), and that they have sufficient technical and organizational security measures in place. Where we transfer personal data outside the E.U. or the U.K. to such third parties, we do so in compliance with the relevant data export requirements, as described above. There is no assurance that these contractual measures and our own privacy and security-related safeguards will protect us from the risks associated with the third-party processing, storage and transmission of such information. Any violation of data or security laws by our third-party processors could have a material adverse effect on our business and result in the fines and penalties under the GDPR and the UK GDPR outlined above.
Additionally, we are subject to the California Consumer Privacy Act, or the CCPA, which came into effect in 2020 and increases privacy rights for California consumers and imposes obligations on companies that process their personal information. Among other things, the CCPA requires covered companies to, among other things, provide new disclosures to California consumers, and affords such consumers new privacy rights such as the ability to opt-out of certain sales of personal information and expanded rights to access and require deletion of their personal information, opt out of certain personal information sharing, and receive detailed information about how their personal information is collected, used and shared. The CCPA provides for civil penalties for violations, as well as a private right of action for security breaches that may increase the likelihood of, and the risks associated with, security breach litigation. Additionally, in November 2020, California passed the California Privacy Rights Act, or the CPRA, which expands the CCPA significantly, including by expanding consumers’ rights with respect to certain personal information and creating a new state agency to oversee implementation and enforcement efforts, potentially resulting in further uncertainty and requiring us to incur additional costs and expenses in an effort to comply. Many of the CPRA’s provisions will become effective on January 1, 2023. Further, Virginia enacted the Virginia Consumer Data Protection Act, or the CDPA, another comprehensive state privacy law, that will also be effective January 1, 2023. The CCPA, CPRA, and CDPA may increase our compliance costs and potential liability, particularly in the event of a data breach, and could have a material adverse effect on our business, including how we use personal information, our financial condition, the results of our operations or prospects. The CCPA has also prompted a number of proposals for new federal and state privacy legislation that, if passed, could increase our potential liability, increase our compliance costs and adversely affect our business. Changing definitions of personal information and information may also limit or inhibit our ability to operate or expand our business, including limiting strategic partnerships that may involve the sharing of data. Also, some jurisdictions require that certain types of data be retained on servers within these jurisdictions. Our failure to comply with applicable laws, directives, and regulations may result in enforcement action against us, including fines, and damage to our reputation, any of which may have an adverse effect on our business and operating results.
Further, we are subject to Payment Card Industry Data Security Standard, or PCI-DSS, a security standard applicable to companies that collect, store or transmit certain data regarding credit and debit cards, holders and transactions. We rely on vendors to handle PCI DSS matters and to ensure PCI-DSS compliance. Despite our compliance efforts, we may become subject to claims that we have violated the PCIDSS based on past, present, and future business practices. Our actual or perceived failure to comply with the PCI-DSScan subject us to fines, termination of banking relationships, and increased transaction fees. In addition, there is no guarantee that PCI-DSS compliance will prevent illegal or improper use of our payment systems or the theft, loss or misuse of payment card data or transaction information.
We generally seek to comply with industry standards and are subject to the terms of our privacy policies and privacy-related obligations to third parties. We strive to comply with all applicable laws, policies, legal obligations and industry codes of conduct relating to privacy and data protection to the extent possible. However, it is possible that these obligations may be interpreted and applied in a manner that is inconsistent from one jurisdiction to another and may conflict with other rules or our practices. Any failure or perceived failure by us to comply with applicable privacy and data security laws and regulations, our privacy policies, or our privacy-related obligations to users or other third parties, or any compromise of security that results in the unauthorized release or transfer of personal information or other customer data, may result in governmental enforcement actions, litigation, or public statements against us by
37


consumer advocacy groups or others and could cause our users to lose trust in us, which would have an adverse effect on our reputation and business. It is possible that a regulatory inquiry might result in changes to our policies or business practices. Violation of existing or future regulatory orders or consent decrees could subject us to substantial monetary fines and other penalties that could negatively affect our financial condition and operating results. In addition, it is possible that future orders issued by, or enforcement actions initiated by, regulatory authorities could cause us to incur substantial costs or require us to change our business practices in a manner materially adverse to our business.
Any significant change to applicable laws, regulations or industry practices regarding the use or disclosure of our users’ data, or regarding the manner in which the express or implied consent of users for the use and disclosure of such data is obtained – or in how these applicable laws, regulations or industry practices are interpreted and enforced by state, federal and international privacy regulators – could require us to modify our services and features, possibly in a material manner, may subject us to regulatory enforcement actions and fines, and may limit our ability to develop new services and features that make use of the data that our users voluntarily share with us.
We are subject to various governmental export controls, trade sanctions, and import laws and regulations that could impair our ability to compete in international markets or subject us to liability if we violate these controls.
In some cases, our software is subject to export control laws and regulations, including the Export Administration Regulations administered by the U.S. Department of Commerce, and our activities may be subject to trade and economic sanctions, including those administered by the United States Department of the Treasury’s Office of Foreign Assets Control, or OFAC, and collectively, Trade Controls. As such, a license may be required to export or re-export our products, or provide related services, to certain countries and end-users, and for certain end-uses. Further, our products incorporating encryption functionality may be subject to special controls applying to encryption items and/or certain reporting requirements.
We have procedures in place designed to ensure our compliance with Trade Controls. We are currently working to enhance these procedures, with which failure to comply could subject us to both civil and criminal penalties, including substantial fines, possible incarceration of responsible individuals for willful violations, possible loss of our export or import privileges, and reputational harm. Further, the process for obtaining necessary licenses may be time-consuming or unsuccessful, potentially causing delays in sales or losses of sales opportunities. Trade Controls are complex and dynamic regimes, and monitoring and ensuring compliance can be challenging, particularly given that our products are widely distributed throughout the world and are available for download without registration. Although we have no knowledge that our activities have resulted in violations of Trade Controls, any failure by us or our partners to comply with applicable laws and regulations would have negative consequences for us, including reputational harm, government investigations, and penalties.
Prior to implementing these control procedures, we inadvertently exported our software to entities located in embargoed countries and listed on denied parties’ lists administered by the U.S. Department of Commerce’s Bureau of Industry and Security, or BIS, and OFAC. In March 2020, we disclosed these apparent violations to BIS and OFAC, which resulted in a BIS Warning Letter and an OFAC Cautionary Letter. While BIS and OFAC did not assess any penalties, we understand that BIS and OFAC may consider our regulatory history, including these prior disclosures and warning/cautionary letters, if the company is involved in a future enforcement case for failure to comply with export control laws and regulations.
In addition, various countries regulate the import of certain encryption technology, including through import permit and license requirements, and have enacted laws that could limit our ability to distribute our products or could limit our end-customers’ ability to implement our products in those countries. Changes in our products or changes in export and import regulations in such countries may create delays in the introduction of our products into international markets, prevent our end-customers with international
38


operations from deploying our products globally or, in some cases, prevent or delay the export or import of our products to certain countries, governments, or persons altogether. Any change in export or import laws or regulations, economic sanctions or related legislation, shift in the enforcement or scope of existing export, import or sanctions laws or regulations, or change in the countries, governments, persons, or technologies targeted by such export, import or sanctions laws or regulations, could result in decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential end-customers with international operations. Any decreased use of our products or limitation on our ability to export to or sell our products in international markets could adversely affect our business, financial condition, and results of operations.
Failure to comply with anti-bribery, anti-corruption, anti-money laundering laws, and similar laws, could subject us to penalties and other adverse consequences.
We are subject to the U.S. Foreign Corrupt Practices Act of 1977, as amended, or the FCPA, the U.S. domestic bribery statute contained in 18 U.S.C. § 201, the U.S. Travel Act, the USA PATRIOT Act, the United Kingdom Bribery Act 2010 and possibly other anti-bribery and anti-money laundering laws in countries outside of the United States in which we conduct our activities. Anti-corruption and anti-bribery laws have been enforced aggressively in recent years and are interpreted broadly to generally prohibit companies, their team members, and their third-party intermediaries from authorizing, offering, or providing, directly or indirectly, improper payments or benefits to recipients in the public or private sector.
We sometimes leverage third parties to sell our products and services and conduct our business abroad. We and our third-party intermediaries may have direct or indirect interactions with officials and employees of government agencies or state-owned or affiliated entities and may be held liable for the corrupt or other illegal activities of these third-party business partners and intermediaries, our team members, representatives, contractors, partners, and agents, even if we do not explicitly authorize such activities. We cannot assure you that all of our team members and agents will not take actions in violation of applicable law, for which we may be ultimately held responsible. As we increase our international sales and business, our risks under these laws may increase.
Any allegations or violation of the FCPA or other applicable anti-bribery, anti-corruption laws, and anti-money laundering laws could result in whistleblower complaints, sanctions, settlements, prosecution, enforcement actions, fines, damages, adverse media coverage, investigations, loss of export privileges, severe criminal or civil sanctions, or suspension or debarment from U.S. government contracts, all of which may have an adverse effect on our reputation, business, results of operations, and prospects. Responding to any investigation or action will likely result in a materially significant diversion of management’s attention and resources and significant defense costs and other professional fees. In addition, the U.S. government may seek to hold us liable for successor liability for FCPA violations committed by companies in which we invest or that we acquire. As a general matter, investigations, enforcement actions and sanctions could harm our reputation, business, results of operations, and financial condition.
A portion of our revenue is generated by sales to government entities, which are subject to a number of challenges and risks.
Sales to government entities are subject to a number of risks. Selling to government entities can be highly competitive, expensive, and time-consuming, often requiring significant up front time and expense without any assurance that these efforts will generate a sale. Government certification requirements for products like ours may change, thereby restricting our ability to sell into the U.S. federal government, U.S. state government, or non-U.S government sectors until we have attained the revised certification. Government demand and payment for our products may be affected by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our products. Additionally, any actual or perceived privacy, data protection, or data security incident, or even any perceived defect with regard to our practices or measures in these areas, may negatively impact public sector demand for our products.
39


Additionally, we rely on certain partners to provide technical support services to certain of our government entity customers to resolve any issues relating to our products. If our partners do not effectively assist our government entity customers in deploying our products, succeed in helping our government entity customers quickly resolve post-deployment issues, or provide effective ongoing support, our ability to sell additional products to new and existing government entity customers would be adversely affected and our reputation could be damaged.
Government entities may have statutory, contractual, or other legal rights to terminate contracts with us for convenience or due to a default, and any such termination may adversely affect our future results of operations. Governments routinely investigate and audit government contractors’ administrative processes, and any unfavorable audit could result in the government refusing to continue buying our subscriptions, a reduction of revenue, or fines or civil or criminal liability if the audit uncovers improper or illegal activities, which could adversely affect our results of operations in a material way.
Our success depends on our ability to provide users of our products and services with access to an abundance of useful, efficient high-quality code which in turn depends on the quality and volume of code contributed by our users.
We believe that one of our competitive advantages is the quality, quantity and collaborative nature of the code on GitLab, and that access to open source code is one of the main reasons users visit GitLab. We seek to foster a broad and engaged user community, and we encourage individuals, companies, governments, and institutions to use our products and services to learn, code and work. If users, including influential users, do not continue to contribute code, our user base and user engagement may decline. Additionally, if we are not able to address user concerns regarding the safety and security of our products and services or if we are unable to successfully prevent abusive or other hostile behavior on The DevOps Platform, the size of our user base and user engagement may decline. We rely on sale of online services for a substantial portion of our revenue and a decline in the number of users, user growth rate, or user engagement, including as a result of the loss of influential users and companies who provide innovative code on GitLab, paying users of our online services may be deterred from using our products or services or reduce their spending with us or cease doing business with us, which would harm our business and operating results.
Seasonality may cause fluctuations in our sales and results of operations.
Historically, we have experienced seasonality in new customer contracts, as we typically enter into a higher percentage of subscription agreements with new customers and renewals with existing customers in the third and fourth quarters of each year. We believe that this results from the procurement, budgeting, and deployment cycles of many of our customers, particularly our enterprise customers. We expect that this seasonality will continue to affect our bookings, deferred revenue, and our results of operations in the future and might become more pronounced as we continue to target larger enterprise customers.
We recognize a significant portion of revenue from subscriptions over the term of the relevant subscription period, and as a result, downturns or upturns in sales are not immediately reflected in our results of operations.
We recognize a significant portion of our subscription revenue over the term of the relevant subscription period. As a result, much of the subscription revenue we report each fiscal quarter is the recognition of deferred revenue from subscription contracts entered into during previous fiscal quarters. Consequently, a decline in new or renewed subscriptions in any one fiscal quarter will not be fully or immediately reflected in revenue in that fiscal quarter and will negatively affect our revenue in future fiscal quarters. Accordingly, the effect of significant downturns in new or renewed sales of our subscriptions is not reflected in full in our results of operations until future periods.
40


The length of our sales cycle can be unpredictable, particularly with respect to sales to large customers, and our sales efforts may require considerable time and expense.
Our results of operations may fluctuate, in part, because of the length and variability of the sales cycle of our subscriptions and the difficulty in making short-term adjustments to our operating expenses. Our results of operations depend in part on sales to new large customers and increasing sales to existing customers. The length of our sales cycle, from initial contact from a prospective customer to contractually committing to our paid subscriptions can vary substantially from customer to customer based on deal complexity as well as whether a sale is made directly by us. It is difficult to predict exactly when, or even if, we will make a sale to a potential customer or if we can increase sales to our existing customers. As a result, large individual sales have, in some cases, occurred in quarters subsequent to those we anticipated, or have not occurred at all. Because a substantial proportion of our expenses are relatively fixed in the short term, our results of operations will suffer if revenue falls below our expectations in a particular quarter, which could cause the price of our common stock to decline.
Risks Related to our People and Culture
We engage our team members in various ways, including direct hires, through professional employer organizations, or PEOs and as independent contractors. As a result of these methods of engagement, we face certain challenges and risks that can affect our business, operating results, and financial condition.
In the locations where we directly hire our team members into one of our entities, we must ensure that we are compliant with the applicable local laws governing team members in those jurisdictions, including local employment and tax laws. In the locations where we utilize PEOs, we contract with the PEO for it to serve as “Employer of Record” for those team members engaged through the PEO in each applicable location. Under this model, team members are employed by the PEO but provide services to GitLab. We also engage team members through a PEO self-employed model in certain jurisdictions where we contract with the PEO, which in turn contracts with individual team members as independent contractors. In all locations where we utilize PEOs, we rely on those PEOs to comply with local employment laws and regulations. We also issue equity to a substantial portion of our team members, including team members engaged through PEOs and independent contractors, and must ensure we remain compliant with securities laws of the applicable jurisdiction where such team members are located.
Additionally, in some cases, we contract directly with team members who are independent contractors. When we engage team members through a PEO or independent contractor model, we may not be utilizing the appropriate hiring model needed to be compliant with local laws or the PEO may not be complying with local regulations. Additionally, the agreements executed between PEOs and our team members or between us and team members engaged under the independent contractor model, may not be enforceable depending on the local laws because of the indirect relationship created through these engagement models. Accordingly, as a result of our engagement of team members through PEOs, and of our relationship with independent contractors, our business, financial condition and results of operations could be materially and adversely affected. Furthermore, litigation related to our model of engaging team members, if instituted against us, could result in substantial costs and divert our management’s attention and resources from our business.
We rely on our management team and other key team members and will need additional personnel to grow our business, and the loss of one or more key team members or our inability to hire, integrate, train and retain qualified personnel, could harm our business.
Our future success is dependent, in part, on our ability to hire, integrate, train, retain and motivate the members of our management team and other key team members throughout our organization. The loss of key personnel, including key members of our management team, as well as certain of our key marketing, sales, finance, support, product development, human resources, or technology personnel,
41


could disrupt our operations and have an adverse effect on our ability to grow our business. In particular, we are highly dependent on the services of Sytse Sijbrandij, our co-founder, Chairman of the Board of Directors and Chief Executive Officer, who is critical to the development of our technology, services, future vision and strategic direction.
Competition for highly skilled personnel in our industry is intense, and we may not be successful in hiring or retaining qualified personnel to fulfill our current or future needs. We have, from time to time, experienced, and we expect to continue to experience, difficulty in hiring and retaining highly skilled team members with appropriate qualifications. For example, in recent years, recruiting, hiring, and retaining team members with expertise in the technology software industry has become increasingly difficult as the demand for technology software professionals has continued to increase. Further, unfavorable media coverage of us could significantly impact our ability to recruit and retain talent. Many of the companies with which we compete for experienced personnel have greater resources than we have. Our competitors also may be successful in recruiting and hiring members of our management team or other key team members, and it may be difficult for us to find suitable replacements on a timely basis, on competitive terms, or at all. We have in the past, and may in the future, be subject to allegations that team members we hire have been improperly solicited, or that they have divulged proprietary or other confidential information or that their former employers own such team members’ inventions or other work product, or that they have been hired in violation of non-compete provisions or non-solicitation provisions.
In addition, job candidates and existing team members often consider the value of the equity awards they receive in connection with their employment. If the perceived value of our equity or equity awards declines, it may adversely affect our ability to retain highly skilled team members. If we fail to attract new personnel or fail to retain and motivate our current personnel, our business and future growth prospects would be severely harmed. Further, our competitors may be successful in recruiting and hiring members of our management team or other key team members, and it may be difficult for us to find suitable replacements on a timely basis, on competitive terms, or at all. If we fail to attract new personnel or fail to retain and motivate our current personnel, our business and future growth prospects would be severely harmed.
If we do not effectively hire, integrate, and train additional sales personnel, and expand our sales and marketing capabilities, we may be unable to increase our customer base and increase sales to our existing customers.
Our ability to increase our customer base and achieve broader market adoption of The DevOps Platform will depend to a significant extent on our ability to continue to expand our sales and marketing operations. We plan to dedicate significant resources to sales and marketing programs and to expand our sales and marketing capabilities to target additional potential customers, but there is no guarantee that we will be successful in attracting and maintaining additional customers. If we are unable to find efficient ways to deploy our sales and marketing investments or if our sales and marketing programs are not effective, our business and operating results would be adversely affected.
Furthermore, we plan to continue expanding our sales force and there is significant competition for sales personnel with the skills and technical knowledge that we require. Our ability to achieve revenue growth will depend, in part, on our success in hiring, integrating, training, and retaining sufficient numbers of sales personnel to support our growth, particularly in international markets. New hires require significant training and may take significant time before they achieve full productivity. Our recent hires and planned hires may not become productive as quickly as we expect, and we may be unable to hire or retain sufficient numbers of qualified individuals in the markets where we do business or plan to do business. If we are unable to hire and train a sufficient number of effective sales personnel, or the sales personnel we hire are not successful in obtaining new customers or increasing sales to our existing customer base, our business, operating results, and financial condition will be adversely affected.
42


We are a remote-only company, meaning that our team members work remotely which poses a number of risks and challenges that can affect our business, operating results, and financial condition.
As a remote-only company, we face a number of unique operational risks. For example, technologies in our team members’ homes may not be robust enough and could cause the networks, information systems, applications, and other tools available to team members and service providers to be limited, unreliable, or unsecure. In addition, in a remote-only company, it may be difficult for us to develop and preserve our corporate culture and our team members may have decreased opportunities to collaborate in meaningful ways. Any impediments to preserving our corporate culture and foster collaboration could harm our future success, including our ability to retain and recruit personnel, innovate and operate effectively, and execute on our business strategy.
Unfavorable media coverage could negatively impact our business.
We receive a high degree of media coverage, including due to our commitment to transparency. Unfavorable publicity or consumer perception of our service offerings could adversely affect our reputation, resulting in a negative impact on the size of our user base and the loyalty of our users. It could negatively impact our ability to acquire new customers and could lead to customers choosing to leave GitLab. As a result, our business, financial condition and results of operations could be materially and adversely affected.
Our corporate culture has contributed to our success, and if we cannot maintain this culture as we grow, we could lose the innovation, creativity, and teamwork fostered by our culture, and our business may be harmed.
We believe that our corporate culture has been and will continue to be a key contributor to our success. If we do not continue to develop our corporate culture as we grow and evolve, it could harm our ability to foster the innovation, creativity, and teamwork that we believe is important to support our growth. As our organization grows and we are required to implement more complex organizational structures, we may find it increasingly difficult to maintain the beneficial aspects of our corporate culture, which could negatively impact our future success.
Risk Related to Our International Operations
We plan to continue expanding our international operations which could subject us to additional costs and risks, and our continued expansion internationally may not be successful.
We plan to expand our operations internationally in the future. Outside of the United States, we currently have direct and indirect subsidiaries in the United Kingdom, Netherlands, Germany, France, Ireland, Japan, South Korea, Canada, Singapore and Australia and have team members in over 65 countries. We also recently established a joint venture in China. There are significant costs and risks inherent in conducting business in international markets, including:
establishing and maintaining effective controls at foreign locations and the associated increased costs;
adapting our technologies, products, and services to non-U.S. consumers’ preferences and customs;
increased competition from local providers;
compliance with foreign laws and regulations;
adapting to doing business in other languages and/or cultures;
43


compliance with the laws of numerous taxing jurisdictions where we conduct business, potential double taxation of our international earnings, and potentially adverse tax consequences due to U.S. and foreign tax laws as they relate to our international operations;
compliance with anti-bribery laws, such as the FCPA and the U.K. Bribery Act, by us, our team members, our service providers, and our business partners;
difficulties in staffing and managing global operations and the increased travel, infrastructure, and compliance costs associated with multiple international locations;
complexity and other risks associated with current and future foreign legal requirements, including legal requirements related to data privacy frameworks, such as the E.U. GDPR;
currency exchange rate fluctuations and related effects on our operating results;
economic and political instability in some countries, including the potential effects of the current COVID-19 pandemic;
the uncertainty of protection for intellectual property rights in some countries and practical difficulties of enforcing rights abroad; and
other costs of doing business internationally.
These factors and other factors could harm our international operations and, consequently, materially impact our business, operating results, and financial condition. Further, we may incur significant operating expenses as a result of our international expansion, and it may not be successful. We have limited experience with regulatory environments and market practices internationally, and we may not be able to penetrate or successfully operate in new markets. If we are unable to continue to expand internationally and manage the complexity of our global operations successfully, our financial condition and operating results could be adversely affected.
We have a limited operating history in China and we face risks with respect to conducting business in connection with our joint venture in China due to certain legal, political, economic and social uncertainties relating to China. Our ability to monetize our joint venture in China may be limited.
In February 2021, we partnered with two Chinese investment partners to form an independent company called GitLab Information Technology (Hubei) Co., Ltd. (极狐, pinyin: JiHu pronounced Gee Who) which was formed to specifically serve the Chinese market. This new company offers a dedicated distribution of GitLab’s DevOps platform available as both a self-managed and SaaS offering (GitLab.cn) that will only be available in mainland China, Hong Kong and Macau. The autonomous company has its own governance structure, management team, and business support functions including Engineering, Sales, Marketing, Finance, Legal, Human Relations and Customer Support.
Our participation in this joint venture in China is subject to general, as well as industry-specific, economic, political and legal developments and risks in China. The Chinese government exercises significant control over the Chinese economy, including but not limited to controlling capital investments, allocating resources, setting monetary policy, controlling and monitoring foreign exchange rates, implementing and overseeing tax regulations, providing preferential treatment to certain industry segments or companies and issuing necessary licenses to conduct business. In addition, we could face additional risks resulting from changes in China’s data privacy and cybersecurity requirements. Accordingly, any adverse change in the Chinese economy, the Chinese legal system or Chinese governmental, economic or other policies could have a material adverse effect on our business and operations in China and our prospects generally.
We face additional risks in China due to China’s historically limited recognition and enforcement of contractual and intellectual property rights. We may experience difficulty enforcing our intellectual property rights in China. Unauthorized use of our technologies and intellectual property rights by China
44


partners or competitors may dilute or undermine the strength of our brands. If we cannot adequately monitor the use of our technologies and products, or enforce our intellectual property rights in China or contractual restrictions relating to use of our intellectual property by Chinese companies, our revenue could be adversely affected.
Our joint venture is subject to laws and regulations applicable to foreign investment in China. There are uncertainties regarding the interpretation and enforcement of laws, rules and policies in China. Because many laws and regulations are relatively new, the interpretations of many laws, regulations and rules are not always uniform. Moreover, the interpretation of statutes and regulations may be subject to government policies reflecting domestic political agendas. Enforcement of existing laws or contracts based on existing law may be uncertain and sporadic. As a result of the foregoing, it may be difficult for us to obtain swift or equitable enforcement of laws ostensibly designed to protect companies like ours, which could have a material adverse effect on our business and results of operations.Our ability to monetize our joint venture in China may also be limited. Although the joint venture entity is an autonomous company, it is the exclusive seller of GitLab in mainland China, Hong Kong and Macau and is therefore the public face of GitLab in those areas. Therefore, we face reputational and brand risk as a result of any negative publicity faced by the joint venture entity. Any such reputational and brand risk can harm our business and operating results.
We are exposed to fluctuations in currency exchange rates and interest rates, which could negatively affect our results of operations and our ability to invest and hold our cash.
Revenue generated are billed in U.S. dollars while expenses incurred by our international subsidiaries and activities are often denominated in the currencies of the local countries. As a result, our consolidated U.S. dollar financial statements are subject to fluctuations due to changes in exchange rates as the financial results of our international subsidiaries are translated from local currencies into U.S. dollars. Our financial results are also subject to changes in exchange rates that impact the settlement of transactions in non-local currencies. To date, we have not engaged in currency hedging activities to limit the risk of exchange fluctuations and, as a result, our financial condition and operating results could be adversely affected by such fluctuations.
Risks Related to Financial and Accounting Matters
We are an “emerging growth company” and the reduced disclosure requirements applicable to emerging growth companies may make our Class A common stock less attractive to investors.
We are an “emerging growth company” as defined in the JOBS Act. For as long as we continue to be an emerging growth company, we may take advantage of certain exemptions from various reporting requirements that are applicable to other public companies that are not emerging growth companies, including (i) not being required to comply with the independent auditor attestation requirements of the Sarbanes-Oxley Act, (ii) reduced disclosure obligations regarding executive compensation in this prospectus and our periodic reports and proxy statements and the required number of years of audited financial statements, and (iii) exemptions from the requirements of holding non-binding advisory stockholder votes on executive compensation and stockholder approval of any golden parachute payments not approved previously. In addition, as an emerging growth company, we are only required to provide two years of audited financial statements and two years of selected financial data in this prospectus.
We could be an emerging growth company for up to five fiscal years following the completion of this offering. However, certain circumstances could cause us to lose that status earlier, including the date on which we are deemed to be a “large accelerated filer,” under applicable SEC rules, if we have total annual gross revenue of $1.07 billion or more, or if we issue more than $1.0 billion in non-convertible debt during any three-year period before that time.
Under the JOBS Act, emerging growth companies can also delay adopting new or revised accounting standards until such time as those standards apply to private companies. We have elected to take
45


advantage of the benefits of this extended transition period. Accordingly, our financial statements may therefore not be comparable to those of companies that comply with such new or revised accounting standards. Until the date that we are no longer an “emerging growth company” or affirmatively and irrevocably opt out of the exemption provided by Section 7(a)(2)(B) of the Securities Act, upon issuance of a new or revised accounting standard that applies to our financial statements and that has a different effective date for public and private companies, we will disclose the date on which adoption is required for non-emerging growth companies and the date on which we will adopt the recently issued accounting standard.
Investors may find our common stock less attractive because we may rely on certain of these exemptions. If some investors find our common stock less attractive as a result, there may be a less active trading market for our common stock and our price may be more volatile and may decline.
If we fail to maintain an effective system of internal controls, our ability to produce timely and accurate financial statements or comply with applicable regulations could be impaired.
As a public company, we will be subject to the reporting requirements of the Exchange Act, the Sarbanes-Oxley Act, and the rules and regulations of the applicable listing standards of          . We expect that the requirements of these rules and regulations will continue to increase our legal, accounting, and financial compliance costs, make some activities more difficult, time-consuming, and costly, and place significant strain on our personnel, systems, and resources.
The Sarbanes-Oxley Act requires, among other things, that we maintain effective disclosure controls and procedures and internal control over financial reporting. We are continuing to develop and refine our disclosure controls, internal control over financial reporting and other procedures that are designed to ensure information required to be disclosed by us in our financial statements and in the reports that we will file with the SEC is recorded, processed, summarized and reported within the time periods specified in SEC rules and forms, and information required to be disclosed in reports under the Exchange Act is accumulated and communicated to our principal executive and financial officers. In order to maintain and improve the effectiveness of our internal controls and procedures, we have expended, and anticipate that we will continue to expend, significant resources, including accounting related costs and significant management oversight.
Our current controls and any new controls we develop may become inadequate because of changes in conditions in our business. Further, weaknesses in our internal controls may be discovered in the future. Any failure to develop or maintain effective controls, or any difficulties encountered in their implementation or improvement, could harm our operating results, may result in a restatement of our financial statements for prior periods, cause us to fail to meet our reporting obligations, and could adversely affect the results of periodic management evaluations and annual independent registered public accounting firm attestation reports regarding the effectiveness of our internal control over financial reporting that we are required to include in the periodic reports we will file with the SEC. However, while we remain an “emerging growth company,” we will not be required to include an attestation report on internal control over financial reporting issued by our independent registered public accounting firm. Ineffective disclosure controls and procedures and internal control over financial reporting could also cause investors to lose confidence in our reported financial and other information, which would likely have a negative effect on the market price of our Class A common stock. We are not currently required to comply with the SEC rules that implement Sections 302 and 404 of the Sarbanes-Oxley Act, and we are therefore not required to make a formal assessment of the effectiveness of our internal control over financial reporting for that purpose.
Our independent registered public accounting firm is not required to formally attest to the effectiveness of our internal control over financial reporting until after we are no longer an "emerging growth company" as defined in the JOBS Act. At such time, our independent registered public accounting firm may issue a report that is adverse in the event it is not satisfied with the level at which our internal control over financial reporting is documented, designed or operating. Any failure to maintain effective
46


disclosure controls and internal control over financial reporting could have an adverse effect on our business and results of operations and could cause a decline in the price of our Class A common stock.
Upon becoming a public company, and particularly after we are no longer an “emerging growth company,” significant resources and management oversight will be required. As a result, management’s attention may be diverted from other business concerns, which could harm our business, financial condition and operating results.
We will incur significant increased costs and management resources as a result of operating as a public company.
As a public company, we will incur significant legal, accounting, compliance and other expenses that we did not incur as a private company and these expenses will increase even more after we are no longer an “emerging growth company.” Our management and other personnel will need to devote a substantial amount of time and incur significant expense in connection with compliance initiatives. For example, in anticipation of becoming a public company, we will need to adopt additional internal controls and disclosure controls and procedures, retain a transfer agent and adopt an insider trading policy. As a public company, we will bear all of the internal and external costs of preparing and distributing periodic public reports in compliance with our obligations under the securities laws.
In addition, regulations and standards relating to corporate governance and public disclosure, including the Sarbanes-Oxley Act, and the related rules and regulations implemented by the SEC  have increased legal and financial compliance costs and will make some compliance activities more time-consuming. We intend to invest resources to comply with evolving laws, regulations and standards, and this investment will result in increased general and administrative expenses and may divert management’s time and attention from our other business activities. If our efforts to comply with new laws, regulations and standards differ from the activities intended by regulatory or governing bodies due to ambiguities related to practice, regulatory authorities may initiate legal proceedings against us, and our business may be harmed. In connection with this offering, we intend to increase our directors’ and officers’ insurance coverage, which will increase our insurance cost. In the future, it may be more expensive or more difficult for us to obtain director and officer liability insurance, and we may be required to accept reduced coverage or incur substantially higher costs to obtain coverage. These factors would also make it more difficult for us to attract and retain qualified members of our board of directors, particularly to serve on our audit committee and compensation committee, and qualified executive officers.
We may need to raise additional capital to grow our business, and we may not be able to raise capital on terms acceptable to us or at all. In addition, any inability to generate or obtain such capital may adversely affect our operating results and financial condition
In order to support our growth and respond to business challenges, such as developing new features or enhancements to our services to stay competitive, acquiring new technologies, and improving our infrastructure, we have made significant financial investments in our business and we intend to continue to make such investments. As a result, we may need to engage in additional equity or debt financings to provide the funds required for these investments and other business endeavors. We may not be able to raise needed cash on terms acceptable to us or at all. Financing may be on terms that are dilutive or potentially dilutive to our stockholders, and the prices at which new investors would be willing to purchase our securities may be significantly lower than the current price per share of our common stock. The holders of new debt or equity securities may also have rights, preferences, or privileges that are senior to those of existing holders of common stock. If new sources of financing are required, but are insufficient or unavailable, we will be required to modify our growth and operating plans based on available funding, if any, which would harm our ability to grow our business.
If we raise additional funds through equity or convertible debt issuances, our existing stockholders may suffer significant dilution and these securities could have rights, preferences, and privileges that are
47


superior to those of holders of our Class A common stock. If we obtain additional funds through debt financing, we may not be able to obtain such financing on terms favorable to us. Such terms may involve restrictive covenants making it difficult to engage in capital raising activities and pursue business opportunities, including potential acquisitions. The trading prices of technology companies have been highly volatile as a result of the COVID-19 pandemic, which may reduce our ability to access capital on favorable terms or at all. In addition, a recession, depression, or other sustained adverse market event resulting from the spread of the COVID-19 pandemic could adversely affect our business and the value of our Class A common stock. If we are unable to obtain adequate financing or financing on terms satisfactory to us when we require it, our ability to continue to support our business growth and to respond to business challenges could be significantly impaired and our business may be adversely affected, requiring us to delay, reduce, or eliminate some or all of our operations.
Future acquisitions, strategic investments, partnerships or alliances could be difficult to identify and integrate, divert the attention of key management personnel, disrupt our business, dilute stockholder value and adversely affect our business, operating results and financial condition.
As part of our business strategy, we have in the past and expect to continue to make investments in and/or acquire complementary companies, services or technologies. Our ability as an organization to acquire and integrate other companies, services or technologies in a successful manner in the future is not guaranteed. We may not be able to find suitable acquisition candidates, and we may not be able to complete such acquisitions on favorable terms, if at all. If we do complete acquisitions, we may not ultimately strengthen our competitive position or ability to achieve our business objectives, and any acquisitions we complete could be viewed negatively by our end customers or investors. In addition, if we are unsuccessful at integrating such acquisitions, or the technologies associated with such acquisitions, into our company, the revenue and operating results of the combined company could be adversely affected. Any integration process may require significant time and resources, and we may not be able to manage the process successfully. We may not successfully evaluate or utilize the acquired technology or personnel, or accurately forecast the financial impact of an acquisition transaction, including accounting charges. We may have to pay cash, incur debt or issue equity securities to pay for any such acquisition, each of which could adversely affect our financial condition and the market price of our Class A common stock. The sale of equity or issuance of debt to finance any such acquisitions could result in dilution to our stockholders. The incurrence of indebtedness would result in increased fixed obligations and could also include covenants or other restrictions that would impede our ability to manage our operations.
Additional risks we may face in connection with acquisitions include:
diversion of management time and focus from operating our business to addressing acquisition integration challenges;
coordination of research and development and sales and marketing functions;
integration of product and service offerings;
retention of key team members from the acquired company;
changes in relationships with strategic partners as a result of product acquisitions or strategic positioning resulting from the acquisition;
cultural challenges associated with integrating team members from the acquired company into our organization;
integration of the acquired company’s accounting, management information, human resources and other administrative systems;
the need to implement or improve controls, procedures and policies at a business that prior to the acquisition may have lacked sufficiently effective controls, procedures and policies;
48


additional legal, regulatory or compliance requirements;
financial reporting, revenue recognition or other financial or control deficiencies of the acquired company that we don’t adequately address and that cause our reported results to be incorrect;
liability for activities of the acquired company before the acquisition, including intellectual property infringement claims, violations of laws, commercial disputes, tax liabilities and other known and unknown liabilities;
unanticipated write-offs or charges; and
litigation or other claims in connection with the acquired company, including claims from terminated team members, customers, former stockholders or other third parties.
Our failure to address these risks or other problems encountered in connection with acquisitions and investments could cause us to fail to realize the anticipated benefits of these acquisitions or investments, cause us to incur unanticipated liabilities, and harm our business generally.
Changes in tax laws or tax rulings could adversely affect our effective tax rates, financial condition and results of operations.
The tax regimes we are subject to or operate under are unsettled and may be subject to significant change. This challenge is increased by the global nature of our operations. Changes in tax laws (including in response to the COVID-19 pandemic) or tax rulings, or changes in interpretations of existing laws, could cause us to be subject to additional income-based taxes and non-income taxes, including payroll, sales, use, value-added, digital tax, net worth, property and goods and services taxes, which in turn could adversely affect our financial condition and results of operations. For example, in December 2017, the U.S. federal government enacted the tax reform legislation known as the Tax Cuts and Jobs Act, or the 2017 Tax Act. The 2017 Tax Act significantly changed the existing U.S. corporate income tax laws by, among other things, lowering the U.S. corporate tax rate, implementing a partially territorial tax system, and imposing a one-time deemed repatriation tax on certain post-1986 foreign earnings. In addition, many countries in the European Union, as well as a number of other countries and organizations such as the Organization for Economic Cooperation and Development, have recently proposed or recommended changes to existing tax laws or have enacted new laws that could impact our tax obligations. Some of these or other new rules could result in double taxation. Any significant changes to our future effective tax rate could adversely affect our business, financial condition and results of operations.
We may have exposure to greater than anticipated tax liabilities.
The tax laws applicable to our business, including the laws of the United States and other jurisdictions, are subject to interpretation and certain jurisdictions are aggressively interpreting their laws in new ways in an effort to raise additional tax revenue. Our existing corporate structure has been implemented in a manner we believe is in compliance with current prevailing tax laws. However, the taxing authorities of the jurisdictions in which we operate may challenge our methodologies for valuing developed technology or intercompany arrangements, which could impact our worldwide effective tax rate and adversely affect our financial condition and results of operations. Moreover, changes to our corporate structure could impact our worldwide effective tax rate and adversely affect our financial condition and results of operations.
In addition, we are subject to federal, state and local taxes in the United States and numerous foreign jurisdictions. Significant judgment is required in evaluating our tax positions and our worldwide provision for taxes. During the ordinary course of business, there are many activities and transactions for which the ultimate tax determination is uncertain. Our tax obligations and effective tax rates could be adversely affected by changes in the relevant tax, accounting and other laws, regulations, principles and interpretations, including those relating to income tax nexus, by our earnings being lower than anticipated
49


in jurisdictions where we have lower statutory rates and higher than anticipated in jurisdictions where we have higher statutory rates. The relevant taxing authorities may disagree with our determinations as to the income and expenses attributable to specific jurisdictions. If such a disagreement were to occur, and our position were not sustained, we could be required to pay additional taxes, interest and penalties, which could result in one-time tax charges, higher effective tax rates, reduced cash flows and lower overall profitability of our business, with some changes possibly affecting our tax obligations in future or past years. We believe that our financial statements reflect adequate reserves to cover such a contingency, but there can be no assurances in that regard.
Taxing authorities may successfully assert that we should have collected or in the future should collect sales and use, value added or similar taxes, and any such assessments could adversely affect our business, financial condition and results of operations.
Sales and use, value added and similar tax laws and rates vary greatly by jurisdiction. Certain jurisdictions in which we do not collect such taxes may assert that such taxes are applicable or that our presence in such jurisdictions is sufficient to require us to collect taxes, which could result in tax assessments, penalties and interest, and we may be required to collect such taxes in the future. Such tax assessments, penalties and interest or future requirements may adversely affect our financial condition and results of operations. Further, in June 2018, the Supreme Court held in South Dakota v. Wayfair, Inc. that states could impose sales tax collection obligations on out-of-state sellers even if those sellers lack any physical presence within the states imposing the sales taxes. Under the Wayfair decision, a person requires only a “substantial nexus” with the taxing state before the state may subject the person to sales tax collection obligations therein. An increasing number of states (both before and after the publication of the Wayfair decision) have considered or adopted laws that attempt to impose sales tax collection obligations on out-of-state sellers. The Supreme Court’s Wayfair decision has removed a significant impediment to the enactment and enforcement of these laws, and it is possible that states may seek to tax out-of-state sellers on sales that occurred in prior tax years, which could create additional administrative burdens for us, put us at a competitive disadvantage if such states do not impose similar obligations on our competitors, and decrease our future sales, which could adversely affect our business, financial condition, and results of operations.
Risks Related to the Offering and Ownership of Our Class A Common Stock
The market price of our Class A common stock may be volatile, and you could lose all or part of your investment.
We cannot predict the prices at which our Class A common stock will trade. The initial public offering price of our Class A common stock has been determined by negotiations between us and the underwriters and may not bear any relationship to the market price at which our Class A common stock will trade after this offering or to any other established criteria of the value of our business and prospects and the market price of our Class A common stock following this offering may fluctuate substantially and may be lower than the initial public offering price. The market price of our Class A common stock following this offering will depend on a number of factors, including those described in this “Risk Factors” section, many of which are beyond our control and may not be related to our operating performance. In addition, the limited public float of our Class A common stock following this offering will tend to increase the volatility of the trading price of our Class A common stock. These fluctuations could cause you to lose all or part of your investment in our Class A common stock, since you might not be able to sell your shares at or above the price you paid in this offering. Factors that could cause fluctuations in the market price of our Class A common stock include the following:
actual or anticipated changes or fluctuations in our operating results;
the financial projections we may provide to the public, any changes in these projections or our failure to meet these projections;
50


announcements by us or our competitors of new products or new or terminated significant contracts, commercial relationships or capital commitments;
industry or financial analyst or investor reaction to our press releases, other public announcements and filings with the SEC;
rumors and market speculation involving us or other companies in our industry;
price and volume fluctuations in the overall stock market from time to time;
changes in operating performance and stock market valuations of other technology companies generally, or those in our industry in particular;
the expiration of market standoff or contractual lock-up agreements and sales of shares of our Class A common stock by us or our stockholders;
failure of industry or financial analysts to maintain coverage of us, changes in financial estimates by any analysts who follow our company, or our failure to meet these estimates or the expectations of investors;
actual or anticipated developments in our business or our competitors’ businesses or the competitive landscape generally;
litigation involving us, our industry or both, or investigations by regulators into our operations or those of our competitors;
developments or disputes concerning our intellectual property rights or our solutions, or third-party proprietary rights;
announced or completed acquisitions of businesses or technologies by us or our competitors;
new laws or regulations or new interpretations of existing laws or regulations applicable to our business;
any major changes in our management or our board of directors;
effects of public health crises, pandemics, and epidemics, such as the COVID-19 pandemic;
general economic conditions and slow or negative growth of our markets; and
other events or factors, including those resulting from war, incidents of terrorism or responses to these events.
In addition, the stock market in general, and the market for technology companies in particular, has experienced extreme price and volume fluctuations that have often been unrelated or disproportionate to the operating performance of those companies. Broad market and industry factors may seriously affect the market price of our Class A common stock, regardless of our actual operating performance. In addition, in the past, following periods of volatility in the overall market and the market prices of a particular company’s securities, securities class action litigation has often been instituted against that company. Securities litigation, if instituted against us, could result in substantial costs and divert our management’s attention and resources from our business. This could have an adverse effect on our business, operating results and financial condition.
No public market for our Class A common stock currently exists, and an active public trading market may not develop or be sustained following this offering.
Prior to this offering, there has been no public market or active private market for our Class A common stock. We intend to apply to list our Class A common stock on           . However, an active
51


trading market may not develop following the completion of this offering or, if developed, may not be sustained. The lack of an active market may impair your ability to sell your shares at the time you wish to sell them or at a price that you consider reasonable. The lack of an active market may also reduce the market price of your shares of Class A common stock. An inactive market may also impair our ability to raise capital by selling shares and may impair our ability to acquire other companies or technologies by using our shares as consideration.
Sales of substantial amounts of our Class A common stock in the public markets, or the perception that they might occur, could cause the market price of our Class A common stock to decline.
Sales of a substantial number of shares of our Class A common stock into the public market, particularly sales by our directors, executive officers, and principal stockholders, or the perception that these sales might occur, could cause the market price of our Class A common stock to decline. Based on            shares of our Class A common stock and          shares of our Class B common stock outstanding as of          , we will have          shares (if the underwriters exercise their option to purchase additional shares in full) of our Class A common stock and          shares of our Class B common stock outstanding after this offering.
All of the shares of Class A common stock sold in this offering will be freely tradable without restrictions or further registration under the Securities Act, except for any shares held by our affiliates as defined in Rule 144 under the Securities Act (including any shares that may be purchased by any of our affiliates in this offering). The remaining shares of our common stock are subject to the lock-up agreement or market standoff agreements described below.
In addition, as of          , we had options outstanding that, if fully exercised, would result in the issuance of            shares of Class B common stock and               RSUs to be settled in shares of Class B common stock. We also granted           options to purchase shares of our Class B common stock subsequent to               . All of the shares of Class B common stock issuable upon the exercise or settlement of stock options and RSUs, and the shares reserved for future issuance under our equity incentive plans, will be registered for public resale under the Securities Act. Accordingly, these shares will be able to be freely sold in the public market upon issuance subject to existing lock-up or market standoff agreements and applicable vesting requirements.
We and all of our directors, executive officers, and certain other record holders that together represent a substantial majority of our outstanding common stock and securities directly or indirectly convertible into or exchangeable or exercisable for our Class A common stock will be subject to lock-up agreements with the underwriters and are subject to market standoff agreements with us that restrict their ability to transfer such shares of common stock and such securities, including any hedging transactions, during the period ending on                              , as further described in the section titled “Shares Eligible for Future Sale.”
Upon the expiration of the restricted period described above, all of the securities subject to such lock-up and market standoff restrictions will become eligible for sale, subject to compliance with applicable securities laws. Furthermore,                              may waive the lock-up agreements entered into by our executive officers, directors, and holders of our securities before they expire.
Sales of a substantial number of such shares upon expiration of the lock-up and market standoff agreements, or the perception that such sales may occur, or early release of these agreements, could cause our market price to fall or make it more difficult for you to sell your Class A common stock at a time and price that you deem appropriate.
Immediately following this offering, the holders of           shares of our capital stock have rights, subject to some conditions, to require us to file registration statements for the public resale of such capital stock or to include such shares in registration statements that we may file for us or other stockholders.
52


We may also issue our shares of our capital stock or securities convertible into shares of our capital stock from time to time in connection with a financing, acquisition, investment, or otherwise.
The dual class structure of our common stock will have the effect of concentrating voting control with those stockholders who held our capital stock prior to the completion of this offering, including our directors, executive officers, and beneficial owners of 5% or greater of our outstanding capital stock who will hold in the aggregate          % of the voting power of our capital stock following the completion of this offering, which will limit or preclude your ability to influence corporate matters, including the election of directors and the approval of any change of control transaction.
Our Class B common stock has ten votes per share, and our Class A common stock, which is the stock we are offering, has one vote per share. Following this offering, the holders of our outstanding Class B common stock will hold          % of the voting power of our outstanding capital stock, with our directors, executive officers, and holders of more than 5% of our common stock, and their respective affiliates, holding in the aggregate of          % of the voting power of our capital stock. Because of the ten-to-one voting ratio between our Class B and Class A common stock, the holders of our Class B common stock collectively will continue to control a majority of the combined voting power of our common stock and therefore will be able to control all matters submitted to our stockholders for approval until the earlier of (i) ten years from the date of this prospectus, (ii) the death or disability, as defined in our restated certificate of incorporation, of Sytse Sijbrandij, (iii) the date specified by a vote of the holders of two-thirds of the then outstanding shares of Class B common stock and (iv), the first date following the completion of this offering on which the number of shares of outstanding Class B common stock (including shares of Class B common stock subject to outstanding stock options) is less than 5% of the number of shares of outstanding Class B common stock. This concentrated control will limit or preclude your ability to influence corporate matters for the foreseeable future, including the election of directors, amendments of our organizational documents, and any merger, consolidation, sale of all or substantially all of our assets, or other major corporate transaction requiring stockholder approval. In addition, this may prevent or discourage unsolicited acquisition proposals or offers for our capital stock that you may feel are in your best interest as one of our stockholders.
Future transfers by holders of our Class B common stock will generally result in those shares converting to Class A common stock, subject to limited exceptions, such as certain transfers effected for estate planning purposes. The conversion of Class B common stock to Class A common stock will have the effect, over time, of increasing the relative voting power of those holders of our Class B common stock who retain their shares in the long term. See the section titled “Description of Capital Stock—Anti-Takeover Provisions” for additional information.
The dual class structure of our common stock may adversely affect the trading market for our Class A common stock.
Certain stock index providers, such as S&P Dow Jones, exclude companies with multiple classes of shares of common stock from being added to certain stock indices, including the S&P 500. In addition, several stockholder advisory firms and large institutional investors oppose the use of multiple class structures. As a result, the dual class structure of our common stock may prevent the inclusion of our Class A common stock in such indices, may cause stockholder advisory firms to publish negative commentary about our corporate governance practices or otherwise seek to cause us to change our capital structure, and may result in large institutional investors not purchasing shares of our Class A common stock. Any exclusion from stock indices could result in a less active trading market for our Class A common stock. Any actions or publications by stockholder advisory firms or institutional investors critical of our corporate governance practices or capital structure could also adversely affect the value of our Class A common stock.
53


If industry or financial analysts do not publish research or reports about our business, or if they issue inaccurate or unfavorable research regarding our Class A common stock, our stock price and trading volume could decline.
The trading market for our Class A common stock will be influenced by the research and reports that industry or financial analysts publish about us or our business. We do not control these analysts or the content and opinions included in their reports. As a new public company, we may be slow to attract research coverage and the analysts who publish information about our Class A common stock will have had relatively little experience with our company, which could affect their ability to accurately forecast our results and make it more likely that we fail to meet their estimates. In the event we obtain industry or financial analyst coverage, if any of the analysts who cover us issues an inaccurate or unfavorable opinion regarding our stock price, our stock price may decline. In addition, the stock prices of many companies in the technology industry have declined significantly after those companies have failed to meet, or exceed, the financial guidance publicly announced by the companies or the expectations of analysts. If our financial results fail to meet, or exceed, our announced guidance or the expectations of analysts or public investors, analysts could downgrade our Class A common stock or publish unfavorable research about us. If one or more of these analysts cease coverage of our Class A common stock or fail to publish reports on us regularly, our visibility in the financial markets could decrease, which in turn could cause our stock price or trading volume to decline.
We will have broad discretion in the use of the net proceeds to us from this offering and may not use them effectively.
We will have broad discretion in the application of the net proceeds to us from this offering, including for any of the purposes described in the section titled “Use of Proceeds,” and you will not have the opportunity as part of your investment decision to assess whether the net proceeds are being used appropriately. Because of the number and variability of factors that will determine our use of the net proceeds from this offering, their ultimate use may vary substantially from their currently intended use. If we do not use the net proceeds that we receive in this offering effectively, our business, financial condition, operating results, and prospects could be harmed, and the market price of our Class A common stock could decline. Pending their use, we may invest the net proceeds from this offering in short-term, investment-grade interest-bearing securities such as money market accounts, certificates of deposit, commercial paper, and guaranteed obligations of the U.S. government that may not generate a high yield for our stockholders. These investments may not yield a favorable return to our investors.
We do not intend to pay dividends in the foreseeable future. As a result, your ability to achieve a return on your investment will depend on appreciation in the price of our Class A common stock.
We have never declared or paid any cash dividends on our capital stock. We currently intend to retain all available funds and any future earnings for use in the operation of our business and do not anticipate paying any dividends in the foreseeable future. Any determination to pay dividends in the future will be at the discretion of our board of directors. Additionally, our ability to pay dividends is limited by restrictions on our ability to pay dividends or make distributions under the terms of our loan and security agreement. Accordingly, investors must for the foreseeable future rely on sales of their Class A common stock after price appreciation, which may never occur, as the only way to realize any future gains on their investments.
Because the initial public offering price of our Class A common stock will be substantially higher than the pro forma net tangible book value per share of our outstanding common stock following this offering, new investors will experience immediate and substantial dilution.
The initial public offering price is substantially higher than the pro forma net tangible book value per share of our common stock immediately following this offering based on the total value of our tangible assets less our total liabilities. Therefore, if you purchase shares of our Class A common stock in this offering, based on the midpoint of the offering price range set forth on the cover page of this prospectus,
54


and the issuance of           shares of Class A common stock in this offering, you will experience immediate dilution of $          per share, the difference between the price per share you pay for our Class A common stock and its pro forma net tangible book value per share as of           . Furthermore, if the underwriters exercise their option to purchase additional shares, if outstanding stock options are exercised, if we issue awards to our team members under our equity incentive plans, or if we otherwise issue additional shares of our Class A common stock, you could experience further dilution. See the section titled “Dilution” for additional information.
Provisions in our charter documents that will become effective in connection with this offering and under Delaware law could make an acquisition of us, which could be beneficial to our stockholders, more difficult and may limit attempts by our stockholders to replace or remove our current management.
Provisions in our restated certificate of incorporation and restated bylaws that will become effective in connection with this offering may have the effect of delaying or preventing a merger, acquisition or other change of control of GitLab that the stockholders may consider favorable. In addition, because our board of directors is responsible for appointing the members of our management team, these provisions may frustrate or prevent any attempts by our stockholders to replace or remove our current management by making it more difficult for stockholders to replace members of our board of directors. Among other things, our restated certificate of incorporation and restated bylaws include provisions that:
provide that our board of directors is classified into three classes of directors with staggered three-year terms;
permit our board of directors to establish the number of directors and fill any vacancies and newly created directorships;
require supermajority voting to amend some provisions in our restated certificate of incorporation and restated bylaws;
authorize the issuance of “blank check” preferred stock that our board of directors could use to implement a stockholder rights plan;
provide that only our chief executive officer or a majority of our board of directors will be authorized to call a special meeting of stockholders;
eliminate the ability of our stockholders to call special meetings of stockholders;
do not provide for cumulative voting;
provide that directors may only be removed “for cause” and only with the approval of two-thirds of our stockholders;
provide for a dual class common stock structure in which holders of our Class B common stock may have the ability to control the outcome of matters requiring stockholder approval, even if they own significantly less than a majority of the outstanding shares of our common stock, including the election of directors and other significant corporate transactions, such as a merger or other sale of our company or its assets;
prohibit stockholder action by written consent, which requires all stockholder actions to be taken at a meeting of our stockholders;
provide that our board of directors is expressly authorized to make, alter, or repeal our bylaws; and
establish advance notice requirements for nominations for election to our board of directors or for proposing matters that can be acted upon by stockholders at annual stockholder meetings.
55


Moreover, Section 203 of the Delaware General Corporation Law, or DGCL, may discourage, delay, or prevent a change in control of our company. Section 203 imposes certain restrictions on mergers, business combinations, and other transactions between us and holders of 15% or more of our common stock.
Our restated certificate of incorporation and bylaws that will become effective in connection with this offering contain exclusive forum provisions for certain claims, which may limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us or our directors, officers, or team members.
Our restated certificate of incorporation that will become effective in connection with this offering provides that the Court of Chancery of the State of Delaware, to the fullest extent permitted by law, will be the exclusive forum for any derivative action or proceeding brought on our behalf, any action asserting a breach of fiduciary duty, any action asserting a claim against us arising pursuant to the DGCL, our restated certificate of incorporation, or our restated bylaws, or any action asserting a claim against us that is governed by the internal affairs doctrine.
Moreover, Section 22 of the Securities Act creates concurrent jurisdiction for federal and state courts over all claims brought to enforce any duty or liability created by the Securities Act or the rules and regulations thereunder. Our restated certificate of incorporation and bylaws that will become effective in connection with this offering provides that the federal district courts of the United States will, to the fullest extent permitted by law, be the exclusive forum for resolving any complaint asserting a cause of action arising under the Securities Act, or Federal Forum Provision. Our decision to adopt a Federal Forum Provision followed a decision by the Supreme Court of the State of Delaware holding that such provisions are facially valid under Delaware law. While there can be no assurance that federal or state courts will follow the holding of the Delaware Supreme Court or determine that the Federal Forum Provision should be enforced in a particular case, application of the Federal Forum Provision means that suits brought by our stockholders to enforce any duty or liability created by the Securities Act must be brought in federal court and cannot be brought in state court.
Section 27 of the Exchange Act creates exclusive federal jurisdiction over all claims brought to enforce any duty or liability created by the Exchange Act or the rules and regulations thereunder. In addition, the Federal Forum Provision applies to suits brought to enforce any duty or liability created by the Exchange Act. Accordingly, actions by our stockholders to enforce any duty or liability created by the Exchange Act or the rules and regulations thereunder must be brought in federal court.
Our stockholders will not be deemed to have waived our compliance with the federal securities laws and the regulations promulgated thereunder.
Any person or entity purchasing or otherwise acquiring or holding any interest in any of our securities shall be deemed to have notice of and consented to our exclusive forum provisions, including the Federal Forum Provision. These provisions may limit a stockholders’ ability to bring a claim in a judicial forum of their choosing for disputes with us or our directors, officers, or team members, which may discourage lawsuits against us and our directors, officers, and team members. Alternatively, if a court were to find the choice of forum provision contained in our restated certificate of incorporation or restated bylaws to be inapplicable or unenforceable in an action, we may incur additional costs associated with resolving such action in other jurisdictions, which could harm our business, financial condition, and operating results.
56


General Risk Factors
We may be adversely affected by natural disasters, pandemics, including COVID-19, and other catastrophic events, and by man-made problems such as terrorism, that could disrupt our business operations and our business continuity and disaster recovery plans may not adequately protect us from a serious disaster.
Natural disasters, pandemics and epidemics, or other catastrophic events such as fire, power shortages, and other events beyond our control may cause damage or disruption to our operations, international commerce, and the global economy, and could have an adverse effect on our business, operating results, and financial condition. While we do not have a corporate headquarters, we have team members around the world, and any such catastrophic event could occur in areas where significant portions of our team members are located. For example, changes in how we and companies worldwide conduct business due to the current COVID-19 pandemic, including but not limited to restrictions on travel and in-person meetings, could affect services delivery, delay implementations, and interrupt sales activity for our products. In response to the COVID-19 pandemic, we have shifted certain of our customer events, such as GitLab Contribute, GitLab Commit, GitLab Sales Kick-Off and many field marketing events, to virtual-only experiences and we may deem it advisable to similarly alter, postpone or cancel entirely additional customer, team member or industry events in the future. Moreover, these conditions can affect the rate of software development operations solutions spending and could adversely affect our customers’ ability or willingness to attend our events or to purchase our services, delay prospective customers’ purchasing decisions or project implementation timing, reduce the value or duration of their subscription contracts, or affect attrition rates, result in requests from customers for payment or pricing concessions, all of which could adversely affect our future sales and operating results. As a result, we may experience extended sales cycles; our ability to close transactions with new and existing customers and partners may be negatively impacted; our ability to recognize revenue from software transactions we do close may be negatively impacted due to implementation delays or other factors; our demand generation activities, and the efficiency and effect of those activities, may be negatively affected. Moreover, it has been and, until the COVID-19 pandemic is contained, will continue to be more difficult for us to forecast our operating results. The COVID-19 pandemic has, and may continue to, put pressure on global economic conditions and overall spending for our products and services, and may cause our customers to modify spending priorities or delay or abandon purchasing decisions, thereby lengthening sales cycles, and may make it difficult for us to forecast our sales and operating results and to make decisions about future investments. These and other potential effects on our business due to the COVID-19 pandemic may be significant and could materially harm our business, operating results and financial condition.
In the event of a natural disaster, including a major earthquake, blizzard, or hurricane, or a catastrophic event such as a fire, power loss, or telecommunications failure, we may be unable to continue our operations and may endure system interruptions, reputational harm, delays in development of our solutions, lengthy interruptions in service, breaches of data security, and loss of critical data, all of which could have an adverse effect on our future operating results. Additionally, all of the aforementioned risks may be further increased if we do not implement a disaster recovery plan or the disaster recovery plans put in place by GitLab or our partners prove to be inadequate.
We could be subject to securities class action litigation.
In the past, securities class action litigation has often been instituted against companies following periods of volatility in the market price of a company’s securities. This type of litigation, if instituted, could result in substantial costs and a diversion of management’s attention and resources, which could adversely affect our business, operating results, or financial condition. Additionally, the dramatic increase in the cost of directors’ and officers’ liability insurance may cause us to opt for lower overall policy limits or to forgo insurance that we may otherwise rely on to cover significant defense costs, settlements, and damages awarded to plaintiffs.
57


SPECIAL NOTE REGARDING FORWARD-LOOKING STATEMENTS
This prospectus contains forward-looking statements. All statements contained in this prospectus other than statements of historical fact, including statements regarding our future operating results and financial condition, our business strategy and plans, market growth, and our objectives for future operations, are forward-looking statements. The words “believe,” “may,” “will,” “potentially,” “estimate,” “continue,” “anticipate,” “intend,” “could,” “would,” “project,” “target,” “plan,” “expect,” and similar expressions are intended to identify forward-looking statements.
Forward-looking statements contained in this prospectus include, but are not limited to, statements about:
our future financial performance, including our expectations regarding our total revenue, cost of revenue, gross profit or gross margin, operating expenses, including changes in operating expenses and our ability to achieve and maintain future profitability;
our business plan and our ability to effectively manage our growth;
our total market opportunity;
anticipated trends, growth rates, and challenges in our business and in the markets in which we operate;
market acceptance of The DevOps Platform and our ability to increase adoption of The DevOps Platform;
beliefs and objectives for future operations;
our ability to further penetrate our existing customer base and attract, retain, and expand our customer base;
our ability to timely and effectively scale and adapt The DevOps Platform;
our ability to develop new features and bring them to market in a timely manner;
the impact of the COVID-19 pandemic on our operations, financial results, and liquidity and capital resources, including on customers, sales, expenses, and team members;
our expectations to grow our partner network;
our ability to maintain, protect, and enhance our intellectual property;
our ability to continue to expand internationally;
the effects of increased competition in our markets and our ability to compete effectively;
future acquisitions or investments in complementary companies, products, services, or technologies;
our ability to stay in compliance with laws and regulations that currently apply or become applicable to our business both in the United States and internationally;
economic and industry trends, projected growth, or trend analysis;
increased expenses associated with being a public company; and
other statements regarding our future operations, financial condition, and prospects and business strategies.
58


These forward-looking statements are subject to a number of risks, uncertainties, and assumptions, including those described in the section titled “Risk Factors” and elsewhere in this prospectus. Moreover, we operate in a very competitive and rapidly changing environment, and new risks emerge from time to time. It is not possible for our management to predict all risks, nor can we assess the impact of all factors on our business or the extent to which any factor, or combination of factors, may cause actual results to differ materially from those contained in any forward-looking statements we may make. In light of these risks, uncertainties, and assumptions, the forward-looking events and circumstances discussed in this prospectus may not occur, and actual results could differ materially and adversely from those anticipated or implied in the forward-looking statements.
You should not rely upon forward-looking statements as predictions of future events. The events and circumstances reflected in the forward-looking statements may not be achieved or occur. We undertake no obligation to update any of these forward-looking statements for any reason after the date of this prospectus or to conform these statements to actual results or to changes in our expectations, except as required by law.
You should read this prospectus and the documents that we reference in this prospectus and have filed with the SEC as exhibits to the registration statement of which this prospectus is a part with the understanding that our actual future results, performance, and events and circumstances may be materially different from what we expect.
59


INDUSTRY, MARKET, AND OTHER DATA
Unless otherwise indicated, information contained in this prospectus concerning our industry and the markets in which we operate, including our general expectations and market position, market opportunity, and market size, is based on information from various sources, as well as assumptions that we have made that are based on those data and other similar sources and on our knowledge of the markets for The DevOps Platform. This information involves important assumptions and limitations, is inherently imprecise, and you are cautioned not to give undue weight to such estimates. In addition, projections, assumptions and estimates of our future performance and the future performance of the industry in which we operate is necessarily subject to a high degree of uncertainty and risk due to a variety of factors, including those described in the section titled “Risk Factors” and elsewhere in this prospectus. These and other factors could cause results to differ materially from those expressed in the estimates made by the independent parties and by us.
This prospectus contains statistical data, estimates, and forecasts that are based on publications or reports generated by third parties, including a report prepared by Forrester Research, Inc., or Forrester, that we commissioned, or other publicly available information, as well as other information based on our internal sources.
The source of, and selected additional information contained in, the independent industry and other publications related to the information so identified are provided below.
The Total Economic Impact of GitLab, June 2020 (GitLab commissioned);
International Data Corporation, FutureScape: Worldwide Developer and DevOps 2021 Predictions, October 2020;
International Data Corporation, Reveals 2021 Worldwide Digital Transformation Predictions, October 2020;
International Data Corporation, MaturityScape: DevOps 3.0, August 2020;
McKinsey & Company, Beyond agile: Reorganizing IT for faster software delivery, September 2015; and
Gartner Report, Market Guide for DevOps Value Stream Delivery Platforms, 28 September 2020. The Gartner content described herein, or the Gartner Content, represents research opinion or viewpoints published, as part of a syndicated subscription service, by Gartner, Inc., or Gartner, and are not representations of fact. Gartner Content speaks as of its original publication date (and not as of the date of this prospectus) and the opinions expressed in the Gartner Content are subject to change without notice.
The content of the foregoing sources, publications and reports, except to the extent specifically set forth in this prospectus, does not constitute part of this prospectus and is not incorporated herein.

60


USE OF PROCEEDS
We estimate that the net proceeds from our sale of shares of our Class A common stock in this offering at an assumed initial public offering price of $     per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, and after deducting estimated underwriting discounts and commissions and estimated offering expenses, will be approximately $     million, or $     million if the underwriters’ option to purchase additional shares is exercised in full.
A $1.00 increase (decrease) in the assumed initial public offering price of $     per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, would increase (decrease) the net proceeds to us from this offering by approximately $     million, assuming the number of shares of our Class A common stock offered by us remains the same and after deducting estimated underwriting discounts and commissions. Similarly, each increase (decrease) of 1.0 million shares in the number of shares of our Class A common stock offered would increase (decrease) the net proceeds from this offering by approximately $     million, assuming that the assumed initial public offering price of $     remains the same, and after deducting the estimated underwriting discounts and commissions.
The principal purposes of this offering are to create a public market for our Class A common stock, increase our visibility in the marketplace, obtain additional capital, facilitate future acquisitions and partnerships, and increase our capitalization and financial flexibility. We currently intend to use the net proceeds we receive from this offering primarily for working capital and other general corporate purposes, which may include product development and general and administrative matters. We may also use a portion of the net proceeds for the acquisition of, or investment in, technologies, solutions, or businesses that complement our business. However, we do not have agreements or commitments for any acquisitions or investments outside the ordinary course of business at this time.
We will have broad discretion over the uses of the net proceeds of this offering. Pending these uses, we intend to invest the net proceeds from this offering in short-term, investment-grade interest-bearing securities, such as money market funds, certificates of deposit, commercial paper, and guaranteed obligations of the U.S. government.
61


DIVIDEND POLICY
We have never declared or paid cash dividends on our capital stock. We are not obligated to pay any dividends on our Class A common stock or Class B common stock and we currently intend to retain all available funds and any future earnings for use in the operation of our business and do not anticipate paying any dividends on our capital stock in the foreseeable future. Any future determination to declare dividends will be made at the discretion of our board of directors and will depend on our financial condition, operating results, capital requirements, general business conditions, and other factors that our board of directors may deem relevant.
62


CAPITALIZATION
The following table sets forth our cash, cash equivalents, and short-term investments and our capitalization as of January 31, 2021, on:
an actual basis;
a pro forma basis, which reflects (i) the Capital Stock Conversion as if such conversion had occurred on January 31, 2021, and (ii) the filing and effectiveness of our restated certificate of incorporation that will become effective immediately prior to the completion of this offering; and
a pro forma as adjusted basis, which reflects (i) the pro forma adjustments set forth above, and (ii) the sale and issuance of     shares of our Class A common stock in this offering at an assumed initial public offering price of $     per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, and after deducting estimated underwriting discounts and commissions and estimated offering expenses.
The information below is illustrative only and our capitalization following this offering will be adjusted based on the actual initial public offering price and other terms of the offering determined at pricing. You should read this table together with our consolidated financial statements and the accompanying notes, and the sections titled “Selected Consolidated Financial and Other Data” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” that are included elsewhere in this prospectus.
63


As of January 31, 2021
ActualPro Forma
Pro Forma as
Adjusted(1)
(in thousands, except share and
per share data)
Cash and cash equivalents$$$
Convertible preferred stock; $0.0000025 par value per share; 79,959,227 shares authorized,      shares issued and outstanding, actual; no shares authorized, issued, and outstanding, pro forma and pro forma as adjusted$$$
Stockholders’ (deficit) equity:
Preferred stock; $0.0000025 par value per share; no shares authorized, issued, and outstanding, actual;          shares authorized, no shares issued and outstanding, pro forma and pro forma as adjusted
Class A common stock; $0.0000025 par value per share; 163,000,000 shares authorized actual            shares issued and outstanding, actual;          shares authorized,         shares issued and outstanding, pro forma;          shares authorized,         shares issued and outstanding, pro forma as adjusted
Class B common stock; $0.0000025 par value per share;163,000,000 shares authorized actual,       shares issued, and outstanding, actual;          shares authorized,          shares issued and outstanding, pro forma;          shares authorized,          shares issued and outstanding, pro forma as adjusted
Additional paid-in capital
Accumulated other comprehensive loss
Accumulated deficit
Total stockholders’ (deficit) equity
Total capitalization$$$
______________
(1)Each $1.00 increase (decrease) in the assumed initial public offering price of $     per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, would increase (decrease) our pro forma as adjusted cash, cash equivalents, and short-term investments, additional paid-in capital, total stockholders’ (deficit) equity, and total capitalization by $     million, assuming that the number of shares offered by us, as set forth on the cover page of this prospectus, remains the same and after deducting the estimated underwriting discounts and commissions. Similarly, each increase (decrease) of 1.0 million shares in the number of shares of our Class A common stock offered by us would increase (decrease) the amount of our pro forma as adjusted cash, cash equivalents, and short-term investments, additional paid-in capital, total stockholders’ (deficit) equity, and total capitalization by $     million, assuming that the assumed initial public offering price remains the same, and after deducting the estimated underwriting discounts and commissions. If the underwriters’ option to purchase additional shares is exercised in full, the pro forma as adjusted amount of each of cash, cash equivalents, and short-term investments, additional paid-in capital, total stockholders’ (deficit) equity, and total capitalization would increase by $     million, and after deducting estimated underwriting discounts and commissions, and we would have      shares of our Class A common stock and          shares of our Class B common stock issued and outstanding, pro forma as adjusted.
The number of shares of our Class A common stock and Class B common stock that will be outstanding after this offering is based on      shares of our Class A common stock outstanding
64


and          shares of our Class B common stock outstanding (after giving effect to the Capital Stock Conversion), in each case, as of January 31, 2021, and excludes:
          shares of our Class B common stock issuable upon the exercise of options to purchase shares of our Class B common stock outstanding as of January 31, 2021 under our 2015 Plan, with a weighted-average exercise price of $          per share;
          shares of our Class B common stock issuable upon the exercise of options to purchase shares of our Class B common stock granted after January 31, 2021 under our 2015 Plan with a weighted-average exercise price of $          per share;
          shares of our Class B common stock subject to restricted stock units, or RSUs, granted after January 31, 2021 under our 2015 Plan;
           shares of our Class B common stock issuable upon the exercise of warrants to purchase shares of our Class B common stock outstanding as of January 31, 2021 with a weighted-average exercise price of $          per share; and
           shares of our common stock reserved for future issuance under our equity compensation plans, consisting of (i)          shares of our Class B common stock reserved for future issuance under our 2015 Plan as of January 31, 2021 (which number of shares is prior to the options to purchase shares of our Class B common stock granted after January 31, 2021), and (ii)         shares of our Class A common stock reserved for future issuance under our 2021 Equity Incentive Plan, or the 2021 Plan, which will become effective on the date immediately prior to the date of this prospectus.
On the date of this prospectus, any remaining shares of Class B common stock available for issuance under our 2015 Plan will be added to the shares of our Class A common stock reserved for issuance under our 2021 Plan, and we will cease granting awards under the 2015 Plan. Our 2021 Plan also provides for automatic annual increases in the number of shares reserved thereunder. For additional information, see the section titled “Executive Compensation—Team Member Benefit and Stock Plans.”
65


DILUTION
If you invest in our Class A common stock in this offering, your ownership interest will be immediately diluted to the extent of the difference between the initial public offering price per share of our Class A common stock and the pro forma as adjusted net tangible book value per share of our Class A common stock immediately after this offering.
As of January 31, 2021, our pro forma net tangible book value was $     million, or $     per share of our common stock. Our pro forma net tangible book value per share represents the amount of our total tangible assets reduced by the amount of our total liabilities and divided by the total number of shares of our common stock outstanding as of January 31, 2021, after giving effect to (i) the Capital Stock Conversion and (ii) the filing and effectiveness of our restated certificate of incorporation that will become effective immediately prior to the completion of this offering.
After giving effect to the sale of     shares of our Class A common stock in this offering at an assumed initial public offering price of $     per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, after deducting estimated underwriting discounts and commissions and estimated offering expenses, our pro forma as adjusted net tangible book value as of January 31, 2021 would have been $     million, or $     per share. This represents an immediate increase in pro forma net tangible book value of $     per share to our existing stockholders and an immediate dilution in pro forma as adjusted net tangible book value of $     per share to investors purchasing shares of our Class A common stock in this offering at the assumed initial public offering price.
The following table illustrates this dilution on a per share basis to new investors:
Assumed initial public offering price per share$
Pro forma net tangible book value per share as of January 31, 2021$
Increase in pro forma net tangible book value per share attributable to new investors purchasing shares of our common stock in this offering
Pro forma as adjusted net tangible book value per share immediately after this offering
Dilution in pro forma as adjusted net tangible book value per share to new investors in this offering$
The dilution information discussed above is illustrative only and will change based on the actual initial offering price and other terms of this offering determined at pricing. A $1.00 increase (decrease) in the assumed initial public offering price of $     per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, would increase (decrease) our pro forma as adjusted net tangible book value per share after this offering by $     per share and would increase (decrease) the dilution per share to new investors in this offering by $     per share, assuming the number of shares of Class A common stock offered by us, as set forth on the cover page of this prospectus, remains the same and after deducting the estimated underwriting discounts and commissions. Similarly, each increase (decrease) of 1.0 million shares in the number of shares of Class A common stock offered would increase (decrease) the pro forma as adjusted net tangible book value per share after this offering by $     per share and would increase (decrease) the dilution to new investors by $     per share, assuming the assumed initial public offering price, which is the midpoint of the offering price range set forth on the cover page of this prospectus, remains the same and after deducting the estimated underwriting discounts and commissions.
If the underwriters exercise their option to purchase additional shares in full, the pro forma as adjusted net tangible book value per share of our Class A common stock after giving effect to this offering would be $     per share, and the dilution in pro forma as adjusted net tangible book value per share to investors in this offering would be $     per share.
66


The following table summarizes, on a pro forma as adjusted basis as of January 31, 2021, after giving effect to the pro forma adjustments described above and new investors purchasing shares of Class A common stock in this offering with respect to the number of shares purchased from us, the total consideration paid to us, and the average price per share paid by our existing stockholders or to be paid by investors purchasing shares in this offering at an assumed offering price of $     per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, before deducting the estimated underwriting discounts and commissions and estimated offering expenses:
Shares PurchasedTotal ConsiderationAverage Price Per Share
NumberPercentAmountPercent
Existing stockholders%$%$
New public investors
Total100 %$100 %
A $1.00 increase (decrease) in the assumed initial public offering price of $     per share, which is the midpoint of the offering price range set forth on the cover page of this prospectus, would increase (decrease) total consideration paid by new investors and total consideration paid by all stockholders by approximately $     million, assuming that the number of shares offered by us, as set forth on the cover page of this prospectus remains the same and after deducting the estimated underwriting discounts and commissions.
Except as otherwise indicated, the above discussion and tables assume no exercise of the underwriters’ option to purchase additional shares. If the underwriters’ option is exercised in full, our existing stockholders would own     % and our new investors would own     % of the total number of shares of our Class A common stock outstanding upon completion of this offering.
In addition, to the extent we issue any additional stock options or any outstanding stock options or warrants are exercised, or we issue any other securities or convertible debt in the future, investors will experience further dilution.
The number of shares of our Class A common stock and Class B common stock that will be outstanding after this offering is based on          shares of our Class A common stock outstanding and          shares of our Class B common stock outstanding (after giving effect to the Capital Stock Conversion), in each case, as of January 31, 2021, and excludes:
          shares of our Class B common stock issuable upon the exercise of options to purchase shares of our Class B common stock outstanding as of January 31, 2021 under our 2015 Plan, with a weighted-average exercise price of $          per share;
          shares of our Class B common stock issuable upon the exercise of options to purchase shares of our Class B common stock granted after January 31, 2021 under our 2015 Plan with a weighted-average exercise price of $          per share;
          shares of our Class B common stock subject to restricted stock units, or RSUs, granted after January 31, 2021 under our 2015 Plan;
          shares of our Class B common stock issuable upon the exercise of warrants to purchase shares of our Class B common stock outstanding as of January 31, 2021 with a weighted-average exercise price of $          per share; and
          shares of our common stock reserved for future issuance under our equity compensation plans, consisting of (i)          shares of our Class B common stock reserved for future issuance under our 2015 Plan as of January 31, 2021 (which number of shares is prior to the options to purchase shares of our Class B common stock granted after January 31, 2021), and (ii)         shares of our Class A common stock reserved for future issuance under our 2021 Equity
67


Incentive Plan, or the 2021 Plan, which will become effective on the date immediately prior to the date of this prospectus.
On the date of this prospectus, any remaining shares of Class B common stock available for issuance under our 2015 Plan will be added to the shares of our Class A common stock reserved for issuance under our 2021 Plan, and we will cease granting awards under the 2015 Plan. Our 2021 Plan also provides for automatic annual increases in the number of shares reserved thereunder. For additional information, see the section titled “Executive Compensation—Team Member Benefit and Stock Plans.”
68


MANAGEMENT’S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS
The following discussion and analysis of our financial condition and operating results should be read in conjunction with our consolidated financial statements and the accompanying notes included elsewhere in this prospectus. This discussion contains forward-looking statements that involve risks and uncertainties. Our actual results could differ materially from those discussed below. Factors that could cause or contribute to such difference include, but are not limited to, those identified below and those discussed in the section titled “Risk Factors” included elsewhere in this prospectus. Our fiscal year ends on January 31, and our fiscal quarters end on April 30, July 31, October 31, and January 31. Our fiscal years ended January 31, 2020 and January 31, 2021 are referred to herein as fiscal 2020 and fiscal 2021, respectively.
Overview
We believe in an innovative world powered by software. To realize this vision, we pioneered The DevOps Platform, a fundamentally new approach to DevOps consisting of a single codebase and interface with a unified data model. The DevOps Platform allows everyone to contribute to build better software rapidly, efficiently, and securely.
Today, every industry, business, and function within a company is dependent on software. To remain competitive and survive, nearly all companies must digitally transform and become experts at building and delivering software.
GitLab is The DevOps Platform, a single application that brings together development, operations, IT, security, and business teams to deliver desired business outcomes. Having all teams on a single application with a single interface represents a step change in how organizations plan, build, secure, and deliver software.
The DevOps Platform accelerates our customers’ ability to create business value and innovate by reducing their software development cycle times from weeks to minutes. It removes the need for point tools and delivers enhanced operational efficiency by eliminating manual work, increasing productivity, and creating a culture of innovation and velocity. The DevOps Platform also embeds security earlier into the development process, improving our customers’ software security, quality, and overall compliance.
We began as an open source project in 2011 and founded our company in 2014. Since then, we have focused on accelerating innovation and broadening the distribution of The DevOps Platform to companies across the world to help them become better software-led businesses. We have achieved the following key user, customer, and go-to-market milestones in each of the following fiscal years:
2014: Founded GitLab
2016: Pioneered the integration of SCM and CI into a single platform
2017: First $100,000 ARR customer
2018: Released our Ultimate Tier at $99 per month
2018: Reached more than 500 contributors and 20 $100,000 ARR customers
2019: First $1.0 million ARR customer
2020: Reached more than 1,000 contributors
2020: Established our enterprise sales team and reached more than 100 $100,000 ARR customers
69


2020: Partnered with AWS, other public cloud providers and key national system integrators and resellers
2021: Partnered with Atlassian, and RedHat
2021: Reached more than 20 and 200 $1.0 million and $100,000 ARR customers, respectively
2022: Reached more than 2,400 contributors

The DevOps Platform is available to any company, regardless of the size, scope, and complexity of their deployment. As a result, we have a large number of customers on paid trials or with single-digit users. Customers with less than $5,000 of ARR collectively represent approximately 7% of our ARR for fiscal 2021. Additionally, the vast majority of these customers were part of our Starter tier, our lowest paid tier, which we announced the end of life for in January 2021. For purposes of determining the number of our active customers, we look at our customers with more than $5,000 of ARR in a given period, who we refer to as our Base Customers. For purposes of determining our Base Customers, a single organization with separate subsidiaries, segments, or divisions that use The DevOps Platform is considered a single customer for determining each organization’s ARR. Our company exists today in large part thanks to the vast and growing community of open source contributors around the world. Our community consisted of more than 1,600 contributors as of January 31, 2020, 2,300 contributors as of January 31, 2021 and more than 2,400 contributors as of April 30, 2021. We actively work to grow open source community engagement by operating with intentional transparency. We make our strategy, direction, and product roadmap available to the wider community, where we encourage and solicit their feedback. By making information public, we make it easier to solicit contributions and collaboration from our users and customers.
We have a simple and easy to understand open core business model. We offer a free tier that includes a large number of our features to encourage initial use of The DevOps Platform, solicit wider community contributions, and create lead generation. We offer two paid subscription tiers, Premium and Ultimate, which are based on features available and priced on a per user basis. Our Premium tier includes features relevant for managers and directors, while our Ultimate tier includes additional features relevant for executives. Each of our plans provide feature access across every stage of the DevOps lifecycle, making it easier for customers to adopt additional stages on The DevOps Platform and add more users.
https://cdn.kscope.io/33c468a55f7bad23e274a693dae1d90d-mda2aa.jpg
70


We make our plans available through our self-managed and SaaS offerings. For our self-managed offering, the customer installs The DevOps Platform in its own private, or hybrid cloud environment. For our SaaS offering, the platform is managed by GitLab and hosted in the public cloud. From fiscal 2020 and 2021, our SaaS offering as a percentage of our ARR grew from 9% to 16%, representing year over year SaaS ARR growth of 202%.
Customers enter into our subscription plans in either annual, or multi-year contracts. A majority of our contracts are invoiced annually where we collect cash up front. For our self-managed offering we recognize a portion of revenue upon delivery and transfer of control of The DevOps Platform to the customer. The remaining portion of the contract is classified as post contract support and recognized ratably over the term of the contract. The post contract support portion comprises the substantial majority of the revenue associated with the contract. For our SaaS offering, revenue is recognized ratably over the duration of the contract period. The timing of renewals and billing of large, multi-year contracts can create variability in our deferred revenue between periods. For this reason, we believe our deferred revenue should not be relied on as an indicator of future revenue in any particular period.
We employ a land-and-expand sales model. Our customer journey typically begins with developers and then expands into senior executive buyers. We believe serving as this system of record for code and our high engagement with developers is a competitive advantage in realizing our single application vision as it creates interdependence and adoption across more stages of the DevOps lifecycle, such as Package, Secure, and Release. As more stages are addressed within a single application, the benefits of The DevOps Platform are enhanced.
Our monthly cadence of releasing new features iteratively also drives greater velocity of increased usage by existing users and increased adoption of The DevOps Platform by new users. As more users join within a single organization, those organizations standardize on The DevOps Platform and convert their plans into higher tiers with additional features, such as those within our Secure stage. The strength of our land-and-expand strategy is evidenced by our Dollar-Based Net Retention Rate. For fiscal 2020 and 2021, our Dollar-Based Net Retention Rate was 179% and 148%, respectively.
We are agnostic to where we deploy The DevOps Platform, how we sell to customers, and which customers we target. As a result, The DevOps Platform is used globally by organizations of all sizes across a broad range of industries. Our direct sales efforts consist of our self-service tier, high-velocity inside sales teams, and enterprise sales teams, who focus on organizations with more than 2,000 employees. Our teams are further divided by region as well as a dedicated team who focus on our public sector customers. In 2020, we launched our Alliances and Channels initiative to amplify our direct sales efforts and grow the distribution of The DevOps Platform and general awareness of our business. Our customer growth is best represented by our growth in our Base Customers from 1,662 as of January 31, 2020 to 2,745 as of January 31, 2021. No single customer generated more than 5% of our total revenue in fiscal 2020 and 2021.
Our business has experienced rapid growth. We generated revenue of $81.2 million and $152.2 million in fiscal 2020 and 2021, respectively, representing year-over-year growth of 87.3%. During this period, we continued to invest in growing our business to capitalize on our market opportunity. Our net loss was $130.7 million and $192.2 million in fiscal 2020 and 2021, respectively. Our operating cash flow margin, which we define as operating cash flows as a percentage of revenue, was (74.1)% and (48.4)% for fiscal 2020 and 2021, respectively. Our gross profit was 88% for each of fiscal 2020 and 2021, respectively.
Factors Affecting Our Performance
Sustaining innovation and technology leadership
We believe we have built a highly differentiated platform that gives us an advantage over our competitors by empowering business, development, operations, IT, and security teams to collaborate in a single application across the entire DevOps lifecycle. Our technology leadership is an outcome of various
71


factors, including our strong community, network of contributors, and continued enhancement of The DevOps Platform by developing new features and expanding the functionality of existing features with speed and consistency. We have had a history of releasing enhancements to The DevOps Platform on the 22nd of every month and, as of April 30, 2021, had done so for the last 115 months. We intend to continue releasing new software at this cadence.
We also intend to continue investing in research and development to further enhance The DevOps Platform and sustain our innovation and technology leadership. We have a history of investing in our open source community and intend to continue to leverage our open source software to accelerate innovation. We also intend to continue to add headcount to our research and development team and support functions to extend the functionality and range of The DevOps Platform by bringing new and improved products and services to our customers. In fiscal 2021, we invested a substantial portion of our research and development expenses in the Secure, Create, and Verify development phases. Our Ultimate tier offering has advanced security testing features. The ARR of this tier as a percentage of our total ARR has increased from 17% in fiscal 2020 to 26% in fiscal 2021.
We expect our research and development expenses to increase on an absolute basis in future periods. We foresee that such investment in research and development will contribute to our long-term growth, but will also negatively impact our short-term profitability. As engaged members of the GitLab open-source community, our contributors often serve as subject matter experts at market-leading developer events and The DevOps Platform is presented on the cutting edge of innovation. We intend to continue to invest in building out this community to foster more contributions and collaboration in the space. Our open source community, in turn, accelerates our ability to innovate and provide a better platform to our customers. We intend to expend additional resources in the future to continue enhancing The DevOps Platform and introducing new products, features and functionality.
Acquiring New Customers
Our future growth depends in large part on our ability to acquire new customers. This, in turn, relies on our ability to reach teams and organizations through our marketing and sales efforts. To this end, we are making significant investments in our sales and marketing efforts to expand our reach and differentiate The DevOps Platform from competitive products and services. We believe that eventually all organizations will switch to a DevOps platform and embrace a single application approach, creating a substantial opportunity to continue to grow our customer base. As a result, our Base Customers increased from 1,662 as of January 31, 2020 to 2,745 as of January 31, 2021, an increase of 65%, our $100,000 ARR customers increased from 173 as of January 31, 2020 to 283 as of January 31, 2021, an increase of 64%, and our $1.0 million ARR customers increased from 11 as of January 31, 2020 to 20 as of January 31, 2021, an increase of 82%. See the section entitled “—Key Business Metrics—Dollar-Based Net Retention Rate” below for additional information about how we define ARR.
Our operating results and growth prospects will depend in part on our ability to attract new customers. While we believe we have a significant market opportunity that The DevOps Platform addresses, we will need to continue to invest in sales and marketing, research and development, and customer support to further grow our customer base, both domestically and internationally. We intend to continue to add headcount to our global sales and marketing team to acquire new customers and to increase sales to existing customers. While we cannot predict customer adoption rates and demand, the future growth rate and size of the market for DevOps platforms, or the introduction of competitive products and services, our business and operating results will be significantly affected by the degree and speed with which organizations adopt The DevOps Platform.
Retaining and Expanding Our Existing Customers
We employ a “land and expand” business strategy that focuses on efficiently acquiring new customers and growing our relationships with existing customers over time. We believe that as our customers realize the benefits of a single application approach, they will increase the use of The DevOps
72


Platform, enhancing our ability to expand revenue generation within our existing customers over time. As a result of our approach, our Dollar-Based Net Retention Rate was 179% and 148% for fiscal 2020 and fiscal 2021, respectively. See the section entitled “—Key Business Metrics—Dollar-Based Net Retention Rate” below for additional information about how we define Dollar-Based Net Retention Rate.
We plan to continue investing in sales and marketing, with a focus on expansion of The DevOps Platform with Base Customers. We believe that this expansion will provide us with substantial operating leverage because the costs to expand sales within existing customers are significantly less than the costs to acquire new customers. Our future revenue growth and our ability to achieve and maintain profitability is dependent upon our ability to continue landing new customers, expanding the adoption of The DevOps Platform by additional users within their organizations, and upgrading customers to higher-cost tiers. Ultimately our ability to increase sales to existing customers will depend on several factors, including our customers’ satisfaction with The DevOps Platform, our pricing, competition, and overall changes in our customers’ spending levels.
Our ability to retain and expand our customers is demonstrated in the chart below, which presents the ARR from each customer cohort over the years presented. The cohort for a given year represents customers that acquired their initial subscription purchase from us in that year. For example, the fiscal 2018 cohort represents all customers that made their initial subscription from us between February 1, 2017 and January 31, 2018. The compound annual growth rate, or CAGR, of ARR for our fiscal 2016 cohort, fiscal 2017 cohort, fiscal 2018 cohort, and fiscal 2019 cohort from the fiscal year of the cohort through January 31, 2021 is 90%, 71%, 73%, and 79%, respectively.
https://cdn.kscope.io/33c468a55f7bad23e274a693dae1d90d-mda3aa.jpg
Partnerships, Alliances, Channels, and Integrations
We believe that our further growth depends in part on our ability to build and maintain successful partnerships, alliances, channels and integrations. In fiscal 2021, we began investing in developing a
73


strong ecosystem and partner network, comprised of cloud and technology partners, re-sellers, and system integrators, as a way to expand our go-to-market strategy. We plan to continue investing in and developing these relationships to broaden our distribution footprint and drive greater awareness of our brand and The DevOps Platform. We believe that these partnerships will extend our sales reach and provide product and technology integrations that will accelerate implementation of The DevOps Platform domestically and internationally, although investing in these relationships can be time consuming and costly. While expending resources in developing these partnerships and alliances may adversely impact our short-term profitability, we believe these investments will lead to longer term growth for the business as a whole.
Continuing to Scale our Business
We plan to continue investing in our business so that we can capitalize on our market opportunity. We believe that these investments will contribute to our long-term growth, although they may adversely affect our operating results in the near term. Furthermore, we expect our general and administrative expenses to increase in absolute amount for the foreseeable future given the additional expenses for accounting, compliance, and investor relations as we become a public company. While we expect these investments will contribute to our long-term growth, they may adversely affect our profitability in the near term, until such time as we are able to sufficiently grow our number of customers and increase the value of ARR with existing customers. We plan to balance these investments in future growth with a continued focus on managing our operating results.
Key Business Metrics
We monitor the following key metrics to help us evaluate our business, identify trends affecting our business, formulate business plans, and make strategic decisions.
Dollar-Based Net Retention Rate
We believe that our ability to retain and expand our revenue generated from our existing customers is an indicator of the long-term value of our customer relationships and our potential future business opportunities. Dollar-Based Net Retention Rate measures the percentage change in our ARR derived from our customer base at a point in time.
We calculate ARR by taking the monthly recurring revenue, or MRR, and multiplying it by 12. MRR for each month is calculated by aggregating, for all customers during that month, monthly revenue from committed contractual amounts of subscriptions, including our self-managed and SaaS offerings but excluding professional services. We calculate Dollar-Based Net Retention Rate as of a period end by starting with our customers as of the 12 months prior to such period end, or the Prior Period ARR. We then calculate the ARR from these customers as of the current period end, or the Current Period ARR. The calculation of Current Period ARR includes any upsells, price adjustments, user growth within a customer, contraction, and attrition. We then divide the total Current Period ARR by the total Prior Period ARR to arrive at the Dollar-Based Net Retention Rate.
As of January 31,
20202021
Dollar-Based Net Retention Rate179 %148 %
Customers with ARR of $100,000 or More
We believe that our ability to increase the number of $100,000 ARR customers is an indicator of our market penetration and strategic demand for The DevOps Platform. A single organization with separate subsidiaries, segments, or divisions that use The DevOps Platform is considered a single customer for determining each organization’s ARR. We do not count our reseller or distributor channel partners as
74


customers. In cases where customers subscribe to The DevOps Platform through our channel partners, each end customer is counted separately.
As of January 31,
20202021
$100,000 ARR customers173 283 
Components of Our Results of Operations
Revenue
Subscription - self-managed and SaaS
Our self-managed and SaaS subscriptions consist of support, maintenance, upgrades and updates on a when-and-if-available basis. Revenue for support and maintenance is recognized ratably over the contract period based on the stand-ready nature of these subscription elements.
Our SaaS subscriptions provide access to our latest managed version of our product hosted in a public cloud. Revenue from our SaaS offering is recognized ratably over the contract period when the performance obligation is satisfied. The typical term of a subscription contract for self-managed or SaaS offering is one to three years.
License - self-managed and other
The license component of our self-managed subscriptions reflects the revenue recognized by providing customers with access to proprietary software features. License revenue is recognized up front when the software license is made available to our customer.
Other revenue consists of professional services revenue which is primarily derived from fixed fee offerings which are subject to customer acceptance. Given our limited history of providing professional services, uncertainty exists about customer acceptance and therefore, control is presumed to transfer upon confirmation from the customer, as defined in each professional services contract. Accordingly, revenue is recognized upon satisfaction of all requirements per the applicable contract. Revenue from professional services provided on a time and material basis is recognized over the periods services are delivered. Revenue from professional services accounted for 1.0% and 3.2% of our total revenue for fiscal 2020 and fiscal 2021, respectively.
Cost of Revenue
Subscription - self-managed and SaaS
Cost of revenue for self-managed and SaaS subscriptions consists primarily of allocated cloud-hosting costs paid to third-party service providers, personnel-related costs, including stock-based compensation expenses, associated with our customer support personnel, including contractors, and allocated overhead. We expect our cost of revenue for self-managed and SaaS subscriptions to increase in absolute dollars as our self-managed and SaaS subscription revenue increases. As our SaaS offering makes up an increasing percentage of our total revenue, we expect to see increased associated cloud-related costs, such as hosting and managing costs, which may adversely impact our gross margins.
License - self-managed and other
Cost of self-managed license sales includes personnel-related expenses, including stock-based compensation expenses. Other costs of sales include professional services, personnel-related costs associated with our customer support personnel, including contractors, and allocated overhead.
Operating Expenses
Our operating expenses consist of sales and marketing, research and development and general and administrative expenses. Personnel-related expenses are the most significant component of operating
75


expenses and consist of salaries, benefits, bonuses, stock-based compensation, and sales commissions. Operating expenses also include IT overhead costs.
Sales and Marketing
Sales and marketing expenses consist primarily of personnel-related expenses associated with our sales and marketing personnel, advertising, travel and entertainment related expenses, including a portion of the costs for our gathering of staff and leaders at one site we call “Contribute” once a year, branding and marketing events, promotions, subscription services and our hosting expenses for our free tier. Sales and marketing expenses also include sales commissions paid to our sales force and referral fees paid to independent third parties that are incremental to obtain a subscription contract. Such costs are capitalized and amortized over an estimated period of benefit of three years, and any such expenses paid for the renewal of a subscription are capitalized and amortized over the contractual term of the renewal.
We expect sales and marketing expenses to increase in absolute dollars as we continue to make significant investments in our sales and marketing organization to drive additional revenue, further penetrate the market, and expand our global customer base, but to decrease as a percentage of our total revenue over time, although our sales and marketing expenses may fluctuate as a percentage of our total revenue from period-to-period depending on the timing of these expenses.
Research and Development
Research and development expenses consist primarily of personnel-related expenses associated with our research and development personnel, including internal hosting, contractors and allocated overhead associated with developing new features or enhancing existing features as well as a portion of the costs for our gathering of staff and leaders at one site we call “Contribute” once a year. Costs related to research and development are expensed as incurred.
We expect research and development expenses to increase in absolute dollars as we continue to increase investments in our existing products and services. However, we anticipate research and development expenses to decrease as a percentage of our total revenue over time, although our research and development expenses may fluctuate as a percentage of our total revenue from period-to-period depending on the timing of these expenses.
General and Administrative
General and administrative expenses consist primarily of personnel-related expenses for our executives, finance, legal, and human resources. General and administrative expenses also include external legal, accounting, director and officer insurance, a portion of the costs for our gathering of staff and leaders at one site we call “Contribute” once a year, other consulting, and professional services fees, software and subscription services, and other corporate expenses.
Following the closing of this offering, we expect to incur additional expenses as a result of operating as a public company, including costs to comply with the rules and regulations applicable to companies listed on a national securities exchange, costs related to compliance and reporting obligations, and increased expenses for insurance, investor relations, and professional services. We expect that our general and administrative expenses will increase in absolute dollars as our business grows but will decrease as a percentage of our total revenue over time, although our general and administrative expenses may fluctuate as a percentage of our total revenue from period-to-period depending on the timing of these expenses.
Interest Income, and Other Income (Expense), Net
Interest income consists primarily of interest earned on our cash equivalents.
Other income (expense), net consists primarily of foreign currency transaction gains and losses.
76


Provision for Income Taxes
Provision for income taxes consists primarily of income taxes in certain foreign and state jurisdictions in which we conduct business. We maintain a full valuation allowance in some jurisdictions against our deferred tax assets because we have concluded that it is more likely than not that the deferred tax assets will not be realized.
Results of Operations
The following table sets forth our results of operations for the periods presented:
Fiscal Year Ended January 31,
20202021
Revenue:
Subscription—self-managed and SaaS$70,367 $132,763 
License—self-managed and other10,860 19,413 
Total revenue81,227 152,176 
Cost of revenue:
Subscription—self-managed and SaaS6,467 14,453 
License—self-managed and other2,909 4,010 
Total cost of revenue9,376 18,463 
Gross profit71,851 133,713 
Operating expenses:
Sales and marketing99,225 154,086 
Research and development59,364 106,643 
General and administrative41,629 86,868 
Total operating expenses200,218 347,597 
Loss from operations(128,367)(213,884)
Interest income3,626 1,070 
Other income (expense), net(4,800)23,452 
Net loss before provision for income taxes(129,541)(189,362)
Provision for income taxes(1,200)(2,832)
Net loss$(130,741)$(192,194)
Net loss per share attributable to Class A and Class B common stockholders, basic and diluted$(2.76)$(3.82)
Weighted-average shares used to compute net loss per share attributable to Class A and Class B common stockholders, basic and diluted47,308 50,343 
______________
(1)Includes share-based compensation expense as follows:
Year Ended January 31,
20202021
(in thousands)
Cost of revenue$365 $1,185 
Research and development11,315 31,519 
Sales and marketing4,699 21,504 
General and administrative24,493 57,638 
Total stock-based compensation expense$40,872 $111,846 
77


The following table sets forth the components of our consolidated statements of operations as a percentage of total revenue for each of the periods presented:
Year Ended January 31,
20202021
(as a percentage of total revenue)
Revenue 100 %100 %
Cost of revenue 12 12 
Gross profit 88 88 
Operating expenses:
Sales and marketing 122 101 
Research and development 73 70 
General and administrative 51 57 
Total operating expenses 246 228 
Loss from operations (158)(141)
Interest income 400 
Other income (expense), net (6)15 
Loss before provision for income taxes (159)(124)
Provision for income taxes (100)(2)
Net loss (161)%(126)%
Comparison of the Years Ended January 31, 2020 and 2021
Revenue
Year Ended January 31,Change
20202021$%
(in thousands)
Subscription—self-managed and SaaS$70,367 $132,763 $62,396 89 %
License—self-managed and other10,860 19,413 8,553 79 
Total revenue$81,227 $152,176 $70,949 87 %
Revenue increased $70.9 million, or 87.3%, from $81.2 million for fiscal 2020 to $152.2 million for fiscal 2021, primarily due to the ongoing demand for The DevOps Platform. The increase was due to adding new customers, the expansion within our existing paid customers and an increase in our number of $100,000 ARR customers. Our expansion is reflected by our Dollar-Based Net Retention Rate of 148% as of January 31, 2021. We had 283 $100,000 ARR customers as of January 31, 2021, increasing from 173 as of January 31, 2020.
Cost of Revenue, Gross Profit, and Gross Margin
Year Ended January 31,Change
20202021$%
(in thousands)
Cost of revenue$9,376 $18,463 $9,087 97 %
Gross profit71,851 133,713 61,862 86 
Gross margin88 %88 %
Cost of revenue increased by $9.1 million, from $9.4 million for fiscal 2020 to $18.5 million for fiscal 2021, primarily due to a $4.9 million increase in personnel-related expenses driven by a 57% increase in
78


our average customer support and consulting delivery headcount. The remaining increase was primarily attributable to third-party hosting costs of $3.9 million. Gross margin was consistent at 88% for each of fiscal 2020 and 2021.
Sales and Marketing
Year Ended January 31,Change
20202021$%
(in thousands)
Sales and marketing expenses$99,225 $154,086 $54,861 55 %
Sales and marketing expenses increased by $54.9 million, from $99.2 million for fiscal 2020 to $154.1 million for fiscal 2021, primarily due to an increase of $58.1 million in personnel-related expenses, which includes stock-based compensation expense, driven by an increase of 52% in our average sales and marketing headcount. The increase in personnel-related expenses was partially offset by a decrease of $3.5 million in travel-related costs due to COVID-19 travel restrictions.
Research and Development
Year Ended January 31,Change
20202021$%
(in thousands)
Research and development expenses$59,364 $106,643 $47,279 80 %
Research and development expenses increased by $47.3 million, from $59.4 million for fiscal 2020 to $106.6 million for fiscal 2021, primarily due to an increase of $49.9 million in personnel-related expenses, including stock-based compensation expense, primarily attributable to a 87% average increase in research and development headcount.
General and Administrative
Year Ended January 31,Change
20202021$%
(in thousands)
General and administrative expenses$41,629 $86,868 $45,239 109 %
General and administrative expenses increased by $45.2 million, from $41.6 million for fiscal 2020 to $86.9 million for fiscal 2021, primarily due to an increase of $42.7 million in personnel-related expenses, including stock-based compensation expense, driven by an increase of 56% in our average finance, accounting, legal, and people success headcount and an increase of $2.5 million in software and consulting expenses to support our growth.
Interest Income, and Other Income (Expense), Net
Year Ended January 31,Change
20202021$%
(in thousands)
Interest income$3,626 $1,070 $(2,556)(70)%
Other income (expense), net(4,800)23,452 28,252 (589)
79


Interest income decreased primarily due to decrease in the overall market interest rate. The increase in other income (expense), net is primarily due to net foreign currency exchange gains.
Provision for Income Taxes
Year Ended January 31,Change
20202021$%
(in thousands)
Provision for income taxes$(1,200)$(2,832)$(1,632)136 %
The provision for income taxes increased primarily due to the U.S. federal and state income tax. We maintain a full valuation allowance in some jurisdictions on our deferred tax assets, and the significant components of our recorded tax expense are current cash taxes in various jurisdictions. The cash tax expenses are impacted by each jurisdiction’s individual tax rates, laws on the timing of recognition of income and deductions, and availability of net operating losses and tax credits. Our effective tax rate might fluctuate significantly on a quarterly basis and could be adversely affected to the extent earnings are lower than forecasted in countries that have lower statutory rates and higher than forecasted in countries that have higher statutory rates.
Non-GAAP Financial Measures
In addition to our results determined in accordance with GAAP, we believe the following non-GAAP measures are useful in evaluating our operating performance. We use the following non-GAAP financial information to evaluate our ongoing operations and for internal planning and forecasting purposes. We believe that non-GAAP financial information, when taken collectively with our GAAP financial information, may be helpful to investors because it provides consistency and comparability with past financial performance. However, non-GAAP financial information is presented for supplemental informational purposes only, has limitations as an analytical tool, and should not be considered in isolation or as a substitute for financial information presented in accordance with GAAP.
Other companies, including companies in our industry, may calculate similarly titled non-GAAP measures differently or may use other measures to evaluate their performance, all of which could reduce the usefulness of our non-GAAP financial measures as tools for comparison.
A reconciliation is provided below for each non-GAAP financial measure to the most directly comparable financial measure stated in accordance with GAAP. Investors are encouraged to review the related GAAP financial measures and the reconciliation of these non-GAAP financial measures to their most directly comparable GAAP financial measures and not rely on any single financial measure to evaluate our business.
Non-GAAP Gross Profit and Non-GAAP Loss from Operations
We define non-GAAP gross profit as GAAP gross profit, excluding stock-based compensation expense. We believe non-GAAP gross profit provides our management and investors consistency and comparability with our past financial performance and facilitate period-to-period comparisons of operations, as these measures eliminate the effects of certain variables unrelated to our overall operating performance.
We define non-GAAP loss from operations as GAAP loss from operations, excluding stock-based compensation expense and amortization of acquired intangible assets. We believe non-GAAP loss from operations provides our management and investors consistency and comparability with our past financial performance and facilitate period-to-period comparisons of operations, as these metrics generally eliminate the effects of certain variables unrelated to our overall operating performance.
80


The following table provides a reconciliation of our GAAP gross profit to our non-GAAP gross profit and of our GAAP loss from operations to non-GAAP loss from operations, for each of the periods presented:
Year Ended January 31,
20202021
(in thousands)
GAAP gross profit$71,851 $133,713 
Add: stock-based compensation expense365 1,185 
Non-GAAP gross profit$72,216 $134,898 
GAAP operating loss$(128,367)$(213,884)
Add: amortization of intangible assets— 222 
Add: stock-based compensation expense40,507 110,661 
Non-GAAP operating loss$(87,860)$(103,001)
Liquidity and Capital Resources
Since inception, we have financed operations primarily through proceeds received from sales of equity securities and payments received from our customers. We have generated operating losses, as reflected in our accumulated deficit of $398.2 million as of January 31, 2021. As of January 31, 2021, our principal source of liquidity was cash and cash equivalents of $282.9 million.
We believe that our existing cash and cash equivalents will be sufficient to support working capital and capital expenditure requirements for at least the next 12 months. Our future capital requirements will depend on many factors, including our revenue growth rate, the timing and the amount of cash received from customers, the expansion of sales and marketing activities, the timing and extent of spending to support research and development efforts, the price at which we are able to procure third-party cloud infrastructure, expenses associated with our international expansion, the introduction of platform enhancements, and the continuing market adoption of The DevOps Platform. In the future, we may enter into arrangements to acquire or invest in complementary businesses, products, and technologies. We may be required to seek additional equity or debt financing. In the event that we require additional financing, we may not be able to raise such financing on terms acceptable to us or at all. If we are unable to raise additional capital or generate cash flows necessary to expand our operations and invest in continued innovation, we may not be able to compete successfully, which would harm our business, operating results, and financial condition.
The following table shows a summary of our cash flows for the periods presented:
Year Ended January 31,
20202021
(in thousands)
Net cash used in operating activities$(60,166)$(73,580)
Net cash used in investing activities— (842)
Net cash provided by financing activities271,265 12,945 
Operating Activities
Our largest source of operating cash is payments received from our customers. Our primary uses of cash from operating activities are for personnel-related expenses, sales and marketing expenses, third-party cloud infrastructure expenses, and overhead expenses. We have generated negative cash flows from operating activities and have supplemented working capital through net proceeds from the sale of equity securities.
81


Cash used in operating activities primarily consists of our net loss adjusted for certain non-cash items, including stock-based compensation expense, amortization of intangibles, amortization of deferred contract acquisition costs, unrealized foreign exchange impact, and changes in operating assets and liabilities during each period.
Cash used in operating activities during fiscal 2020 was $60.2 million, primarily consisting of our net loss of $130.7 million, adjusted for non-cash items of $53.2 million and net cash inflows of $17.4 million provided by changes in our operating assets and liabilities. The main drivers of the changes in operating assets and liabilities were the increase in deferred revenue of $42.0 million, partially offset by the increase in costs deferred related to contract acquisition of $15.2 million and the increase in accounts receivable of $13.5 million.
Cash used in operating activities during fiscal 2021 was $73.6 million, primarily consisting of our net loss of $192.2 million, adjusted for non-cash items of $106.7 million and net cash inflows of $11.9 million provided by changes in our operating assets and liabilities. The main drivers of the changes in operating assets and liabilities were the increase in deferred revenue of $52.4 million, partially offset by the increase in costs deferred related to contract acquisition of $34.1 million and the increase in accounts receivable of $14.7 million.
Investing Activities
We did not have any cash used or provided by investing activities during fiscal 2020.
Cash used in investing activities during fiscal 2021 was $0.8 million, primarily consisting of payment for asset acquisition of $0.9 million, offset by other investing activities.
Financing Activities
Cash provided by financing activities during fiscal 2020 was $271.3 million, consisting primarily of $268.2 million of net proceeds from Series E convertible preferred stock financing.
Cash provided by financing activities during fiscal 2021 was $12.9 million, consisting primarily of $13.8 million of proceeds from issuance of common stock upon stock options exercises.
Contractual Obligations and Commitments
The following table summarizes our contractual obligations as of January 31, 2021:
(in thousands)TotalLess Than 1 Year1-3 Years3-5 YearsMore Than 5 Years
Purchase obligations$92,373 $18,554 $73,819 $— $— 
$92,373 $18,554 $73,819 $— $— 
The purchase obligation amounts in the table above are associated with agreements that are enforceable and legally binding. Obligations under contracts that we can cancel without a significant penalty are not included in the table above.
Off-Balance Sheet Arrangements
We did not have during the periods presented, and we do not currently have, any off-balance sheet financing arrangements or any relationships with unconsolidated entities or financial partnerships, such as structured finance or special purpose entities, that were established for the purpose of facilitating off-balance sheet arrangements or other contractually narrow or limited purposes.
82


Quantitative and Qualitative Disclosures About Market Risk
We are exposed to market risk in the ordinary course of our business. Market risk represents the risk of loss that may impact our financial condition due to adverse changes in financial market prices and rates. Our market risk exposure is primarily the result of fluctuations in interest rates and foreign currency exchange rates.
Interest Rate Risk
As of January 31, 2021, we had $282.9 million of cash and cash equivalents. Our cash equivalents of $245.3 million mainly consist of money market funds. Our cash and cash equivalents are held for working capital purposes. We do not enter into investments for trading or speculative purposes. We do not believe a 10% increase or decrease in interest rates would have resulted in a material impact to our operating results.
Foreign Currency Exchange Risk
To date, all of our sales contracts have been denominated in U.S. dollars, therefore our revenue is not subject to foreign currency risk. Operating expenses within the United States are primarily denominated in U.S. dollars, while operating expenses incurred outside the United States are primarily denominated in each country’s respective local currency. Our consolidated results of operations and cash flows are, therefore, subject to fluctuations due to changes in foreign currency exchange rates and may be adversely affected in the future due to changes in foreign exchange rates.
The functional currency of our foreign subsidiaries is each country’s respective local currency. Assets and liabilities of the foreign subsidiaries are translated into U.S. dollars at the exchange rates in effect at the reporting date, and income and expenses are translated at average exchange rates during the period, with the resulting translation adjustments directly recorded as a component of accumulated other comprehensive income (loss). Foreign currency transaction gains and losses are recorded in other income (expense), net in the consolidated statements of operations. The volatility of exchange rates depends on many factors that we cannot forecast with reliable accuracy. In the event our foreign currency denominated assets, liabilities, or expenses increase, our operating results may be more greatly affected by fluctuations in the exchange rates of the currencies in which we do business.
Critical Accounting Policies and Estimates
Our consolidated financial statements have been prepared in conformity with GAAP. The preparation of the consolidated financial statements in conformity with GAAP requires management to make estimates and assumptions that affect the reported amounts of assets and liabilities, disclosure of contingent assets and liabilities at the date of the consolidated financial statements, and the reported amounts of revenue and expenses during the reporting period. We base these estimates on historical and anticipated results, trends, and various other assumptions that it believes are reasonable under the circumstances, including assumptions as to future events. Actual results could differ from those estimates. To the extent that there are differences between our estimates and actual results, our future financial statement presentation, financial condition, operating results, and cash flows will be affected.
The critical accounting policies requiring estimates, assumptions, and judgments that we believe have the most significant impact on our consolidated financial statements are described below.
Revenue Recognition
In accordance with Accounting Standards Codification, or ASC, 606, Revenue from Contracts with Customers, revenue is recognized when a customer obtains control of our promised products and services. The amount of revenue recognized reflects the consideration that we expect to be entitled to receive in exchange for these products and services. To achieve the core principle of this new standard, we apply the following five-step model as a framework:
83


1)Identify the contract with a customer. We consider the terms and conditions of our arrangements with customers to identify contracts under ASC 606. We consider that we have a contract with a customer when the contract is approved, we can identify each party's rights regarding the products and services to be transferred, we can identify the payment terms for the products and services, we have determined the customer has the ability and intent to pay, and the contract has commercial substance. We apply judgment in determining the customer's ability and intent to pay, which is based upon factors including the customer's historical payment experience or, for new customers, credit and financial information pertaining to the customers. At contract inception, we also evaluate whether two or more contracts should be combined and accounted for as a single contract. Further, contract modifications generally qualify as a separate contract.
The typical term of a subscription contract for self-managed or SaaS offering is one to three years. Our contracts are non-cancelable over the contract term and we act as principal in all our customer contracts. Customers have the right to terminate their contracts generally only if we breach the contract and we fail to remedy the breach in accordance with the contractual terms.
2)Identify the performance obligations in the contract. Performance obligations in our contracts are identified based on the products and services that will be transferred to the customer that are both capable of being distinct, whereby the customer can benefit from the product or service either on its own or together with other resources that are readily available from third parties or from us, and are distinct in the context of the contract, whereby the transfer of the product or service is separately identifiable from other promises in the contract.
Our self-managed subscriptions include two performance obligations (a) to provide access to proprietary features in our software, and (b) to provide support and maintenance (including the combined obligation to provide software updates on when and if available basis).
Our SaaS products provide access to hosted software as well as support, which is evaluated to be a single performance obligation.
Services-related performance obligations relate to the provision of consulting and training services. These services are distinct from subscriptions and do not result in significant customization of the software except in certain limited unique contracts.
Some of our customers have the option to purchase additional licenses at a stated price. These options are evaluated on a case-by-case basis but generally do not provide a material right as they are either at the same price as the existing licenses are or within our range of our standalone selling price and, as such, would not result in a separate performance obligation. Where material rights are identified in our contracts they are treated as separate performance obligations.
3)Determine the transaction price. We determine transaction price based on the consideration to which we expect to be entitled in exchange for transferring products and services to the customer.
Variable consideration is included in the transaction price only to the extent it is probable that a significant future reversal of cumulative revenue under the contract will not occur when the uncertainty associated with the variable consideration is resolved.
For contracts with a one year term, we applied a practical expedient available under ASC 606 and made no evaluation for the existence of a significant financing component. In these contracts, at contract inception, the period between when we expect to transfer a promised product or service to the customer and when the customer pays for that product or service will be one year or less. For contracts with terms of more than a year, we have applied judgment in determining that advance payments in such contracts are not collected with the primary intention of availing finance and therefore, do not represent a significant financing component. Revenue is recognized net of any taxes collected from customers which are subsequently remitted to governmental entities (e.g., sales tax and other indirect taxes). We do not offer the right of refund in our contracts.
84


4)If the contract contains a single performance obligation, the entire transaction price is allocated to the single performance obligation. For contracts that contain multiple performance obligations, we allocate the transaction price for each contract to each performance obligation based on the relative standalone selling price, or SSP, for each performance obligation. We use judgment in determining the SSP for our products and services. We typically assess the SSP for our products and services on a periodic basis or when facts and circumstances change. To determine SSP, we maximize the use of observable standalone sales and observable data, where available. In instances where performance obligations do not have observable standalone sales, we utilize available information that may include other observable inputs or uses or applying the expected cost-plus margin approach to estimate the price we would charge if the products and services were sold separately.
5)Revenue is recognized when or as we satisfy a performance obligation. Revenue is recognized at the time the related performance obligation is satisfied by transferring the promised products and services to a customer. We recognize revenue when we transfer control of the products and services to our customers for an amount that reflects the consideration that we expect to receive in exchange for those products and services. All revenue is generated from contracts with customers.
Cost to Obtain a Contract
Sales commissions and bonuses that are direct and incremental costs of the acquisition of contracts with customers are capitalized. These costs are recorded as deferred contract acquisition costs on the consolidated balance sheets. We determine whether costs should be deferred when the costs are direct and incremental and would not have occurred absent the customer contract. The deferred commission and bonus amounts are recoverable through the future revenue streams under the non-cancelable customer contracts.
Commissions and bonuses paid upon the acquisition of an initial contract are amortized over an estimated period of benefit which has been determined generally to be three years based on analysis of average customer life and useful life of our product offerings. Commissions paid for subsequent renewals are amortized over the renewal term. Amortization is recognized on a straight-line basis and included in sales and marketing expenses in the consolidated statements of operations. We periodically review these deferred costs to determine whether events or changes in circumstances have occurred that could impact the period of benefit of these deferred costs.
Stock-Based Compensation
Stock-based compensation expense related to equity awards is recognized based on the fair value of the awards on the date of the grant. The fair value of each stock option granted is estimated using the Black-Scholes option pricing model. The related stock-based compensation expense is recognized on a straight-line basis over the requisite service period of the awards. We account for forfeitures related to these awards as they occur.
The use of the Black-Scholes option pricing model requires the input of highly subjective assumptions. These assumptions involve inherent uncertainties and the application of management’s judgment. These assumptions are estimated as follows:
Fair value of common stock. Because our common stock is not yet publicly traded, we must estimate the fair value of our common stock, as discussed below in the section titled “—Common Stock Valuations."
Expected term. We determine the expected term based on the average period the options are expected to remain outstanding using the simplified method, calculated as the midpoint of the options’ vesting term and contractual expiration period, until sufficient historical information to develop reasonable expectations about future exercise patterns and post-vesting employment termination behavior becomes available.
85


Expected volatility. Since we do not have a trading history of our common stock, we estimate the expected volatility based on the historical volatilities of a group of comparable publicly traded companies.
Risk-free interest rate. We use the U.S. Treasury yield for our risk-free interest rate for a period that corresponds with the expected term of the award.
Dividend yield. We utilize a dividend yield of zero, as we do not currently issue dividends and do not expect to issue dividends on our common stock in the foreseeable future.
The following table summarizes the assumptions used in the Black-Scholes option pricing model to determine the fair value of our stock options:
Year Ended January 31,
20202021
Expected term (years)6.046.02
Expected volatility30.3 %31.9 %
Risk-free interest rate1.9 %0.5 %
Dividend yield— %— %
Common Stock Valuations
The estimated fair value of the common stock underlying our equity awards has been approved by our board of directors, with input from management and contemporaneous third-party valuations. Given the absence of a public trading market for our common stock and in accordance with the American Institute of Certified Public Accountants Practice Aid, Valuation of Privately-Held Company Equity Securities Issued as Compensation, our board of directors exercised reasonable judgment and considered numerous objective and subjective factors to determine the best estimate of the fair value of our common stock at each grant date. These factors include:
contemporaneous third-party valuations of our common stock;
the prices, rights, preferences, and privileges of our convertible preferred stock relative to those of our common stock;
the prices paid for common or convertible preferred stock sold to third-party investors by us and prices paid in secondary transactions for shares purchased by third-party investors in arms-length transactions;
the lack of marketability inherent in our common stock;
our actual operating and financial performance;
our current business conditions and projections;
the hiring of key personnel and the experience of our management;
the likelihood of achieving a liquidity event, such as an initial public offering, a merger, or acquisition of GitLab given prevailing market conditions;
the operational and financial performance of comparable publicly traded companies; and
the U.S. and global capital market conditions and overall economic conditions.
In estimating the fair value of our common stock, we first estimate the fair value of our business using either the income approach, the market approach, or a combination of the income and market approaches. The income approach estimates value based on expectations of future cash flows that we
86


will generate. Future cash flows are then discounted to their present values using a risk-adjusted discount rate. The market approach estimates value based on a comparison of the Company to a group of comparable public companies. From the comparable companies, a representative market value multiple is determined and then applied to our financial results to estimate the fair value of our business.
The resulting estimated fair value of our business is then allocated to each class of stock using the Option Pricing Method, or OPM, or a hybrid of the Probability Weighted Expected Return Method, or PWERM, and OPM. Prior to January 31, 2020, the OPM was selected as the principal equity allocation method. For dates near a recent convertible preferred stock financing, we assessed the value of common stock implied by the price paid for the convertible preferred stock, primarily using an OPM to back solve the common stock value. Beginning January 31, 2020, we allocated the fair value of our business based on a hybrid of the OPM and the PWERM. Using the PWERM, a probability-weighted analysis of values for our common stock was estimated assuming possible future events for our Company, including a scenario assuming we become a publicly traded company and a scenario assuming we continue as a privately held company. A discount for lack of marketability was applied to the resulting per share value to arrive at the fair value of our common stock on a non-marketable basis.
In addition, we also considered any secondary transactions involving our capital stock. In our evaluation of those transactions, we considered the facts and circumstances of each transaction to determine the extent to which they represented a fair value exchange. Factors considered include transaction volume, the number of participants, timing, whether the transactions occurred between willing and unrelated parties, and whether the transactions involved parties with access to our financial information.
Upon completion of this offering, our Class A common stock will be publicly traded, and our board or directors will use the closing price of our Class A common stock as reported on the date of grant to determine the fair value of our Class A common stock.
Based on the assumed initial public offering price per share of $      , which is the midpoint of the offering price range set forth on the cover page of this prospectus, the aggregate intrinsic value of our outstanding stock options as of January 31, 2021 was $      million, with $       million related to vested stock options.
JOBS Act Accounting Election
We are an emerging growth company, as defined in the Jumpstart Our Business Startups, or JOBS Act. The JOBS Act provides that an emerging growth company can take advantage of an extended transition period for complying with new or revised accounting standards. This provision allows an emerging growth company to delay the adoption of some accounting standards until those standards would otherwise apply to private companies. We have elected to use this extended transition period until the earlier of the date we (i) are no longer an emerging growth company or (ii) affirmatively and irrevocably opt out of the extended transition period provided in the JOBS Act. As a result, our financial statements may not be comparable to companies that comply with new or revised accounting pronouncements as of public company effective dates.
Recently Issued Accounting Pronouncements
See Note 2 to our consolidated financial statements included elsewhere in this prospectus for more information regarding recently issued accounting pronouncements.
87


BUSINESS
Overview
We believe in an innovative world powered by software. To realize this vision, we pioneered The DevOps Platform, a fundamentally new approach to DevOps consisting of a single codebase and interface with a unified data model. The DevOps Platform allows everyone to contribute to build better software rapidly, efficiently, and securely.
Today, every industry, business, and function within a company is dependent on software. To remain competitive and survive, nearly all companies must digitally transform and become experts at building and delivering software.
GitLab is The DevOps Platform, a single application that brings together development, operations, IT, security, and business teams to deliver desired business outcomes. Having all teams on a single application with a single interface represents a step change in how organizations plan, build, secure, and deliver software.
The DevOps Platform accelerates our customers’ ability to create business value and innovate by reducing their software development cycle times from weeks to minutes. It removes the need for point tools and delivers enhanced operational efficiency by eliminating manual work, increasing productivity, and creating a culture of innovation and velocity. The DevOps Platform also embeds security earlier into the development process, improving our customers’ software security, quality, and overall compliance.
DevOps is the set of practices that combines software development (dev) and IT operations (ops). It aims to allow teams to collaborate and work together to shorten the development lifecycle and evolve from delivering software on a slow, periodic basis to rapid, continuous updates. When DevOps started, each team bought their own tools in isolation, leading to a “Siloed DevOps” environment. The next evolution was standardizing company-wide on the same tool for each stage across the DevOps lifecycle. However, these tools were not connected, leading to a “Fragmented DevOps” environment. Companies tried to remedy this fragmentation and inefficiency by manually integrating these DevOps point solutions together defining the next phase: “DIY DevOps.”
At the same time, the faster delivery of software required more DevOps tools per project. Increased adoption of a microservice architecture led to more projects. The combination caused an exponential increase in the number of tool-project integrations. This has often led to poor user experiences, higher costs, and increased time to deliver new software. As a result, business outcomes often failed and the potential for DevOps was never fully realized. In short, an entirely new platform for DevOps was needed. We pioneered The DevOps Platform to solve this problem.
The DevOps Platform replaces the DIY DevOps approach. It enables organizations to realize the full potential of DevOps and become software-led businesses. It spans all stages of the DevOps lifecycle, from project planning, or Plan, to source code management, or Create, to continuous integration, or Verify, to static and dynamic application security testing, or Secure, to packaging artifacts, or Package, to continuous delivery and deployment, or Release, to configuring infrastructure for optimal deployment, or Configure, to monitoring it for incidents, or Monitor, to protecting the production deployment, or Protect, and managing the whole cycle with value stream analytics, or Manage. It also allows customers to manage and secure their applications across any cloud through a single platform.
The DevOps Platform has broad use across organizations. It helps product and business teams to work with developers to introduce new features and drive successful business outcomes. It helps Chief Technology Officers, or CTOs, modernize their DevOps environment and drive developer productivity. It helps Chief Information Officers, or CIOs, adopt microservices and cloud native development to improve the efficiency, scale, and performance of their software architecture. It helps Chief Information Security Officers, or CISOs, reduce security vulnerabilities and deliver software faster. It helps organizations
88


attract and retain top talent by allowing people to focus more time on their job and less time managing tools.
The majority of our customers begin by using Create and Verify. Developers use Create to collaborate together on the same code base without conflicting or accidentally overwriting each other's changes. Create also maintains a running history of software contributions from each developer to allow for version control. Teams use Verify to ensure changes to code go through defined quality standards with automatic testing and reporting. We believe serving as this system of record for code and our high engagement with developers is a competitive advantage in realizing our single application vision as it creates interdependence and adoption across more stages of the DevOps lifecycle, such as Package, Secure, and Release. As more stages are addressed within a single application, the benefits of The DevOps Platform are enhanced.
We are committed to advancing The DevOps Platform. Our dual flywheel development strategy leverages both development spend from our research and development team members as well as community contributions via our open core business model. By leveraging the power of each, we create a virtuous cycle where more contributions lead to more features, which leads to more users, leading back to more contributions.
We emphasize iteration to drive rapid innovation in our development strategy. This iterative approach has enabled us to release a new version of our software on the 22nd day of every month for 115 months in a row as of April 30, 2021. This is also due in part to our over 2,400 contributors in our global, open source community as of April 30, 2021. GitLab team members also use The DevOps Platform to power our own DevOps lifecycle. By doing so, we benefit from the inherent advantages of using a single application. We leverage these learnings to establish a rapid feedback loop to continually and rapidly improve The DevOps Platform.
We have been a 100% remote workforce since inception and, as of April 30, 2021, had approximately 1,300 team members in over 65 countries. Operating remotely allows us access to a global talent pool that enables us to hire talented team members, regardless of location, providing a strong competitive advantage. We foster a culture of results built on our core values of collaboration, results, efficiency, diversity-inclusion-belonging, iteration, and transparency. We aim to be transparent to build alignment and affinity with our community and customers. This is exemplified through our corporate handbook, or the Handbook, our central repository that details how we run GitLab and is shared with the world. It consists of over 13,000 public pages of text, including our strategy and roadmap. We welcome everyone, both inside and outside of the company, to contribute to the Handbook.
We have an open core business model. We offer a free tier with a large number of features to encourage use of The DevOps Platform, solicit contributions, and serve as targeted lead generation for paid customers. We also offer two paid subscription tiers with access to additional features that are more relevant to managers, directors, and executives. Our subscription plans are available as a self-managed offering where customers typically download to run The DevOps Platform in their own account in the public cloud, and also a Software-as-a-Service, or SaaS, offering which is managed by GitLab and hosted in our account in the public cloud.
The DevOps Platform is used globally by organizations of all sizes across a broad range of industries. To reach, engage and help drive success at each, our sales force is amplified by our strategic hyperscaler partnerships, including Amazon Web Services, or AWS, who offer The DevOps Platform on their marketplaces. We also benefit from strategic alliance partnerships, which resell The DevOps Platform to large enterprise customers, and our strong channel partnerships ranging from large global systems integrators to regional digital transformation specialists, and volume resellers.
We employ a land-and-expand sales strategy. Our customer journey typically begins with developers and then expands to more teams and up to senior executive buyers. Our Dollar-Based Net Retention Rate was 148% for fiscal 2021. Our cohort of customers generating $5,000 or more in annual recurring
89


revenue, or ARR, which we refer to as Base Customers, grew from 1,662 as of January 31, 2020 to 2,745 as of January 31, 2021.
Our business has experienced rapid growth. We generated revenue of $81.2 million and $152.2 million in fiscal 2020 and 2021, respectively, representing growth of 87.3%. During this period, we continued to invest in growing our business to capitalize on our market opportunity. Our net loss was $130.7 million and $192.2 million in fiscal 2020 and 2021, respectively. Our operating cash flow margin, which we define as operating cash flows as a percentage of revenue, was (74.1)% and (48.4)% for fiscal 2020 and 2021, respectively. Our gross profit was 88% for each of fiscal 2020 and 2021, respectively.
Industry Overview
Important industry and technology trends are fueling the rise of a single application across the DevOps lifecycle. These important tailwinds for our business include:
Digital transformation driven by internal software development is a corporate imperative today irrespective of industry. We are in the midst of a generational disruption whereby non-digital native companies are seeking to become software-led businesses. Each must continually evolve to deliver engaging digital experiences to their customers, build digital-first products on top of new business models, and re-architect their internal technologies and processes to foster a culture of innovation. International Data Corporation, or IDC, estimates that companies globally will spend $6.8 trillion on digital transformation between 2020 and 2023. This also requires that companies develop their own software. IDC anticipates that by 2025, up to a quarter of Fortune 500 companies will become software producers to digitally transform and maintain their Fortune 500 status.
Modern software development requires companies to embrace both DevOps and DevSecOps. DevOps is the set of practices that combines software development (dev) and IT operations (ops). It aims to allow teams to collaborate and work together to shorten the development lifecycle and provide continuous delivery of high quality software. Increasingly, DevSecOps is being adopted to embed security best practices earlier in the development process to enhance security while also maintaining speed. IDC research shows that 81% of enterprises worldwide are investing in DevOps best practices and software tools to accelerate development of important digital software solutions.
Faster time to market through cycle time compression is key to business success. Reducing the cycle times to deliver new software from months to weeks, hours, or minutes is critical to organizational objectives and maintaining industry competitiveness. Innovation requires cycle time compression and moving more quickly from idea to product. It is a strategic priority for organizations to invest in hiring the right people, adopt the right tools, and create processes to bring cycle times down from months to weeks, hours, or even minutes. McKinsey & Company research estimates that a successful DevOps implementation can reduce the number of days to update servers and the IT environment by 90%.
Companies are embracing microservices to enhance their speed and efficiency. Companies are modularizing applications into smaller components through microservices to release new features or amend existing features faster. Microservices has also led to an increase in the number of software projects as it seeks to make each process more digestible, efficient, and faster.
Companies are embracing cloud-first and multi-cloud strategies. Companies have embraced a cloud-first strategy to scale their DevOps initiatives, providing teams with faster, cheaper, and more flexible infrastructure that doesn’t require manual overhead. Further, teams are adopting multiple cloud providers to optimize for the best infrastructure and features for their software projects.
90


Companies are consolidating point tools and adopting full platform services. To streamline efficiency and respond to the growing strain of silos from point tools, fragmentation from point stages, growing number of tools being adopted leading to greater fragmentation and manual integrations to patch everything together, organizations are consolidating point tools and adopting full platform services. According to Gartner, by 2023, 40% of organizations will have switched from multiple point solutions to DevOps value stream delivery platforms to streamline application delivery, versus less than 10% in 2020.
Best-in-class platforms are essential to hiring the right developers. It is a strategic priority for organizations to invest in hiring the best developer talent. In order to hire the best developers, it is essential to have a DevOps platform with good documentation, open transparency, and an engaging community.
Limitations of Alternative Approaches to DevOps
DevOps is an essential and strategic capability for every company today to stay competitive. When DevOps first started, each team bought their own DevOps tools in isolation, leading to a “Siloed DevOps” environment. The next evolution was standardizing company-wide on the same tool for each stage of the DevOps lifecycle (e.g., planning, creating, verifying, and packing). However, these tools were not connected, leading to a “Fragmented DevOps” environment. Companies tried to remedy this fragmentation and inefficiency by manually integrating these DevOps point solutions together defining the next phase: “DIY DevOps”.
Existing approaches to DevOps suffer from some or all of the following limitations:
Built to only address certain stages of the DevOps lifecycle. The underlying architectures and codebases of many DevOps products are or were originally designed to address discrete parts of the DevOps lifecycle. Using these products results in organizations having to build and maintain different codebases and integrations across their fragmented tools to form an end-to-end workflow, which creates hidden costs due to context switching across numerous handoffs, slows down the development cycle and time to market, creates security gaps, and makes it difficult to audit the development process. Further, cobbling together end-to-end DevOps work flows through multiple point solutions results in brittle architectures that easily break when changes are introduced in any of the point solutions. These fundamental constraints put organizations into a forced trade-off, whereby the customers must prioritize cycle time in favor of security or security in favor of cycle time.
Built to only address certain stages of the DevOps lifecycle. DIY DevOps often requires numerous hand-offs and exchanges between teams across disparate toolsets, introducing friction and switching costs, which reduce speed. As a result, organizations who adopt DIY DevOps often have much slower software cycle release times that can be measured in weeks or months instead of minutes or hours. This stunts their innovation and can result in protracted development cycles, having deleterious business impacts irrespective of industry.
Lower operational efficiency, adaptability and output. We believe DIY DevOps makes teams less productive as they spend more of their time managing integrations across their tools rather than building new software and products. These poorly allocated resources detract from an organization’s core focus by inflating costs and lowering revenue generating activities. Further, a subpar developer experience can hurt team member morale, contribute to turnover and low engagement, and make it difficult to attract top talent.
Higher direct and indirect costs. DIY DevOps results in managing relationships, licensing, and procurement across a number of vendors. This results in excess direct costs to the organization. To work together, these tools require integrations, often performed by people using the tools, resulting in time, effort, and resources wasted. Further, this approach creates indirect costs due to lost visibility and transparency resulting from numerous handoffs across stages.
91


High error rates and security vulnerabilities. DIY DevOps requires discrete tools across development, operations and security teams. The loss of context and constant tool switching often leads to lower quality code and likely more security vulnerabilities, which can lead to breaches. Loosely integrated tools combined with a lack of automation results in less code being scanned as it is moved across certain stages, which negatively impacts an organization’s overall security posture. Commonly, vulnerabilities can also be introduced in production code when the slow additional steps required for security testing are partially or fully bypassed in order to meet demanding time-to-market requirements.
Inability to embrace workload portability and a multi-cloud strategy. Platforms with features optimized to run more efficiently on certain clouds limit the ability for organizations to embrace a true multi-cloud strategy. This limits developers’ abilities to choose the DevOps platform based on the best cloud infrastructure for their particular software project or application. It also eliminates their ability to manage and secure their application with full value stream analytics and compliance across clouds, which limits productivity and security posture. Additionally, an overreliance on a single public cloud provider can also create disadvantages with regard to pricing negotiations.
Inability to govern, automate, measure, and analyze leads to poor compliance. DIY DevOps makes it difficult to measure speed and efficiency across the DevOps lifecycle as teams are constantly switching between tools at each stage. This creates a lack of ability to oversee the fulsome process and to analyze and automate the DevOps process as one cohesive unit. Further, organizations are unable to quickly trace issues in production back to the source due to lace of documentation and have difficulty complying with and enforcing both internal and external policies and regulations. As a result, most companies cannot fully comply with their own internal policies or government regulations, constraining their ability to deliver business outcomes through their DevOps initiatives.
Our Solution
GitLab has pioneered The DevOps Platform, a single application that brings together development, operations, IT, security, and business teams to deliver desired business outcomes through efficient software development. It represents a step change in how organizations plan, build, secure and deliver software.
The DevOps Platform is built on a single codebase, unified data model, and user interface. Organizations can deploy The DevOps Platform as a self-managed offering in their own multi-cloud, hybrid-cloud, or on-premises environments, and as a SaaS offering in our own public cloud. The DevOps Platform is designed in a way that enables our customers to move their DevOps workflow across any hybrid or multi-cloud environment while maintaining full feature parity and a single application experience.
The DevOps Platform is purpose-built to address every stage of the DevOps lifecycle:
Manage. Helps teams organize multiple projects into a single collaborative portfolio, track important events across the DevOps lifecycle, measure using key performance indicators how the organization is adopting and performing with DevOps, audit activity and permissions across stages to ensure compliance while simplifying audit, and optimize and analyze the flow of work through the full DevOps value stream.
Plan. To create software, organizations require collaborative planning from disparate groups, each with shared and unique objectives. Planning together in the same system in which all of the work will take place enables faster and more efficient work in all other stages of The DevOps Platform. We enable portfolio planning and management through epics, groups (programs) and milestones to organize and track progress. GitLab helps teams organize, plan, align and track project work to ensure teams are working on the right things at the right time and maintain end to end visibility and traceability of issues throughout the delivery lifecycle from idea to production.
92


Create. Helps teams design, develop and securely manage code and project data from a single distributed version control system to enable rapid iteration and delivery of business value. GitLab repositories provide a scalable single source of truth for collaborating on projects and code which enables teams to be productive without disrupting their workflows.
Verify. Helps software teams fully embrace CI to automate the builds, integration, and verification of their code. GitLab’s CI capabilities enable automated accessibility, usability, and performance testing and code quality analysis to provide fast feedback to developers and testers about the quality of their code. With pipelines that enable concurrent testing and parallel execution, teams quickly get insight about every commit, allowing them to deliver higher quality code faster.
Package. Enables teams to package their applications and dependencies, manage containers, and build artifacts with ease. The private, secure, container and package registries are built-in and preconfigured out-of-the box to work seamlessly with GitLab source code management, or SCM, security scanners, and CI/CD pipelines.
Secure. Provides Static Application Security Testing, or SAST, Dynamic Application Security Testing, or DAST, Fuzz Testing, Container Scanning, and Dependency Scanning to help users deliver secure applications along with license compliance.
Release. Helps automate the release and delivery of applications, shortening the delivery lifecycle, streamlining manual processes, and accelerating team velocity. With zero-touch Continuous Delivery, or CD, built right into the pipeline, deployments can be automated to multiple environments like staging and production, and the system executes without additional manual intervention - even for more advanced patterns like canary deployments. With feature flags, built-in auditing/traceability, on-demand environments, and GitLab Pages for static content delivery, users are able to deliver faster and with more confidence than ever before.
Configure. Helps teams to configure and manage their application environments. Strong integration to Kubernetes reduces the effort needed to define and configure the infrastructure required to support an application. Protects access to key infrastructure configuration details such as passwords and login information by using ‘secret variables’ to limit access to only authorized users and processes.
Monitor. Provides feedback in the form of errors, traces, metrics, logs, and alerts to help reduce the severity and frequency of incidents so that users can release software frequently with confidence.
Protect. Provides cloud native protections, including unified policy management, container scanning, and container network and host security.
Key Benefits Delivered to our Customers
Run their entire DevOps lifecycle from a single application. The DevOps Platform lets our customers operate their entire DevOps lifecycle across a single application. This single codebase, unified data model, user permissioning, and interface can centralize and unify every aspect of our customers’ DevOps lifecycle to streamline workflows and processes, and enhance overall productivity and efficiency.
Enhanced innovation and revenue growth due to faster time to market. The DevOps Platform enables businesses to shorten their cycle times to meet the growing business demand to deliver new capabilities and increase responsiveness to change. With The DevOps Platform, our customers can often increase their software releases from the tens to thousands and reduce the time it takes to release new software from months to days, helping them generate more revenue.
93


Reduce vulnerabilities and increase security. The DevOps Platform lets organizations embed security decisions earlier in the development process, without sacrificing speed or quality. We also eliminate the need for multiple data repositories and reduce the number of hand-offs between development, operations, and security teams. This enables our customers to find and correct security vulnerabilities in their software earlier or eliminate inefficiencies in the software development process altogether.
Enable audit and compliance. The DevOps Platform eliminates fragmented tools and point integrations that create blind spots and poor visibility across work streams. This allows compliance and audit teams to more easily log, track, and trace different steps across the DevOps lifecycle, better understand governance, and improve their compliance posture.
Boost team member morale and productivity. The DevOps Platform enables our customers to spend more time building, deploying, and securing software, and less time managing, integrating, and triaging across different tools. In a single application, each team member can follow the entire lifecycle from beginning to end with contextual history and understanding at each process. This helps to deliver outsized productivity gains, helping our customers increase their revenue and generate greater profits.
Reduce costs by enhancing productivity, consolidating point tools, and eliminating integrations. The DevOps Platform fulfills the functionality of multiple point products, enabling organizations to consolidate the number of tools they use. Further, we also deliver cost savings to our customers by eliminating the hidden costs and time it takes to manually integrate these point products and drive greater efficiency gains and productivity. Based on a 2020 study conducted by Forrester Consulting, commissioned by us of a limited number of our customers, the cost savings and business benefits achievable by deploying The DevOps Platform to revenue-generating applications can enable customers to deliver a 407% return on investment within three years of deployment.
Embrace the benefits of a portable workload and multi-cloud strategy. The DevOps Platform enables application portability by allowing customers to seamlessly secure and manage their applications across clouds. This allows our customers to provide full value stream analytics on their DevOps workflow and simplify their application security and compliance across clouds. It also allows them to optimize their cloud costs and embrace the best services across each cloud, without becoming overly reliant on a single public cloud provider.
Competitive Strengths
Our business benefits from the following competitive strengths:
The DevOps Platform helps our customers transform into software-led businesses. Digital transformation is a board level imperative, and The DevOps Platform is at the center of it. The DevOps Platform allows our customers to successfully embrace the benefits of DevOps, pursue their digital transformation strategies, and create new business value with speed and efficiency. As a result, we often become strategic partners to enable our customers’ most important business outcomes. As becoming a software-led business becomes even more valuable, we believe we have a strong competitive advantage in helping companies undergo this transformation.
Our company is uniquely positioned to achieve our single application vision. The DevOps Platform is purpose-built to address every stage of the DevOps lifecycle as a single application. The majority of our customers begin by using Create and Verify. Developers use Create to collaborate together on the same code base without conflicting or accidentally overwriting each other's changes. Create also maintains a running history of software contributions from each developer to allow for version control. Teams use Verify to ensure changes to code go through defined quality standards with automatic testing and reporting. We believe serving as this system
94


of record for code and our high engagement with developers is a competitive advantage in realizing our single application vision as it creates interdependence and adoption across more stages of the DevOps lifecycle, such as Package, Secure, and Release. As more stages are addressed within a single application, the benefits of The DevOps Platform are enhanced.
Flywheel development strategy accelerates innovation. Our dual flywheel development strategy leverages both development spend from our research and development team members as well as community contributions via our open core business model. By leveraging the power of each, we create a virtuous cycle where more contributions lead to more features, which leads to more users, leading back to more contributions.
We emphasize iteration to drive rapid innovation in our development strategy. Our iterative approach has enabled us to release a new version of our software on the 22nd day of every month for 115 months in a row as of April 30, 2021. This is also due in part to our over 2,400 contributors in our global, open source community as of April 30, 2021. Finally, GitLab team members use The DevOps Platform to power our own DevOps lifecycle. By doing so, we benefit from the inherent advantages of using The DevOps Platform. We leverage these learnings to establish a rapid feedback loop to continually and rapidly improve The DevOps Platform
Large open source installed base that leads to paying customers. We provide users of The DevOps Platform with a free tier to encourage adoption, solicit contributions, and increase the overall awareness of The DevOps Platform. This leads to deep familiarity and affinity for The DevOps Platform, which serves as a highly targeted and efficient source to convert prospective customers into paid customers. We believe this provides us with a competitive advantage as the more users who can act as evangelists for The DevOps Platform within a company the easier it is for us to secure new paying customers or expand within existing customers.
Cloud neutrality, hybrid and data center delivery, and workload portability. The DevOps Platform is designed in a way that enables our customers to manage and secure their entire DevOps workflow across any hybrid or multi-cloud environment. It also allows our customers to maintain full feature parity and a single application experience across clouds. This enables our customers to select the best cloud provider for them and optimize for their best features when deciding where to host their DevOps projects. Additionally, it allows our customers to avoid vendor lock-in and overreliance on a single cloud provider. We believe this provides us with a competitive advantage to help empower our customers to embrace the full benefits of a multi cloud strategy.
We are agnostic as to who we serve, how we sell, and where we deploy. The DevOps Platform can be adopted by companies and teams of all sizes, ranging from small businesses to the world’s largest enterprises. Our go-to-market strategy spans from self-service tiers, to high-velocity inside sales, to dedicated enterprise sales. Even with our largest customers, the initial sale sometimes takes place at a smaller team, and is then capable of scaling wall to wall across the organization. Further, our customers are able to deploy The DevOps Platform in their own cloud environments, or in our own public cloud. This deployment flexibility enables us to target customers across regulated verticals such as financial services and the public sector. Collectively, we believe this provides us with a competitive advantage to target a broader addressable market of companies, verticals, and users.
Pioneer in all-remote work since inception enhances our brand with customers and team members. We have been a fully distributed company since our inception, leading to best practices, thought leadership, and branding as a pioneer in all-remote work. We have been identified by Inc. as one of its Best Workplaces since 2019 due to our commitment to an all-remote workforce. As remote work has become a more popular topic after the COVID-19 pandemic, it has enhanced our overall company brand with new and existing customers and team members. Additionally, being an all-remote company provides us with broader access to talent
95


across the globe. This provides us with a competitive advantage to hire team members with diverse, specialized, and highly in-demand skills that other employers with physical locations or less advanced remote work practices may not have access to.
Our Growth Strategy
We intend to invest in our business to advance adoption of The DevOps Platform. Our growth strategies include:
Advance our feature maturity across more stages of the DevOps lifecycle. We intend to continue making investments in research and development and hiring top technical talent to mature our features in more stages of the DevOps lifecycle. For example, in fiscal 2021, we have invested a significant portion of our human capital costs focused on development into the secure, manage, and plan phases. We will continue to make many of our features open source or source-code available to encourage contributions, which in turn, accelerates our ability to innovate and provide a better platform to our customers.
Drive growth through enhanced sales and marketing. We believe that nearly all organizations will modernize from DIY DevOps into DevOps platforms and that the opportunity to continue growing our customer base is substantial. To drive new customer growth, we intend to continue investing in sales and marketing, with a focus on replacing DIY DevOps within larger organizations. We also continue to focus on acquiring users with our free product and converting free users to paying customers, with a special focus on improving the self-service purchasing experience.
Drive increased expansion within our existing customer base. As customers realize the benefits of a single application they typically increase their spend with us by adding more users or purchasing higher tiered plans. As a result, our Dollar-Based Net Retention Rate was 148% for fiscal 2021. We plan to continue investing in sales and marketing, with a focus on driving expansion of The DevOps Platform within existing customers, particularly for our larger customers.
Further grow adoption of our SaaS offering. As organizations move more workloads to the cloud and consume technology as a service, we believe our SaaS offering will continue to grow at a faster rate than our self-managed offering. We intend to continue making investments in research and development to enhance new SaaS features, as well as in sales and marketing, to drive further adoption of our SaaS offering.
Grow and invest in our partner network. In fiscal 2020, we began investing in our global partner ecosystem, composed of hyperscalers and cloud providers, including AWS, technology and independent software vendor partners, global resellers, and system integrators. We plan to continue investing in building out our partner program to expand our distribution footprint, to broaden the awareness of The DevOps Platform, and to more efficiently add new customers. We will also continue to invest in building out our partnerships to deliver transformation services to help our enterprise customers accelerate the deployment of The DevOps Platform.
Expand our global footprint We believe there is significant opportunity to continue to expand internationally. We grew our international revenue from $13.4 million for fiscal 2020 to $26.2 million for fiscal 2021, representing an increase of 95%. We intend to grow our international revenue by increasing our investments in our international sales and marketing operations including headcount in the EMEA and APAC regions.
Our Unique Culture and Values
Our success is driven by our culture. We believe that our values and culture are a competitive advantage within our industry, and we will continue to invest time and resources in building our culture to
96


drive superior business results. We are highly dependent on our management, highly-skilled engineers, sales team members and other professionals. It is crucial that we continue to identify, attract and retain valuable team members. To facilitate hiring and retention, we strive to make GitLab a diverse, inclusive workplace where every team member feels they belong and have the opportunity to grow and develop their careers.
We were recognized by Inc. as one of 2021’s Best Places To Work and have a 98% CEO approval rating and a 4.6 overall workplace approval rating on Glassdoor.com, as of July 3, 2021. As a result, we trust that our values have led and will continue to lead to results that distinguish us from other companies. They include:
Our mission is to ensure that everyone can contribute. This mission guides our path, and we live our values along that path. Our values are a living document, and we encourage our team members to make suggestions to improve our company values constantly. In 2020 alone, we had approximately 100 contributors to our Handbook. We have established six core C.R.E.D.I.T. values:
Collaboration - Helping others is a priority; we rely on each other for help and advice
Results - We do what we promise to each other, customers, users, and investors
Efficiency - We are about working on the right things to achieve more progress faster
Diversity, Inclusion & Belonging - We aim to foster an environment where everyone can thrive
Iteration - We do the smallest thing possible and get it out as quickly as possible
Transparency - We strive to be open about as many things as possible to reduce the threshold to contribution and to make collaboration easier.
Measure results, not hours. Our all-remote culture helps us to practice our values. We believe we were the largest all-remote company in the world prior to the COVID-19 pandemic and as a result we are able to recruit from a wider, more diverse, and more uniquely skilled pool of talent across the world. The freedom and flexibility that comes with an all-remote workforce enables team members to view work in an entirely new light, one which focuses on results and productivity over the number of hours spent working. For example, product engineers have measurable objectives to hit rather than prescribed hours to work. Team members have on-call shifts based on when they are most productive and best able to contribute to our success.
We seek to be transparent in everything we do. We publicly share information, including our strategy and objectives in written form to encourage innovation and trust amongst our team members, customers, and the wider open source community. Our process of being public by default reduces the threshold to contribution and makes collaboration easier. Transparency creates awareness for GitLab, allows us to recruit people who care about our values, gets us more and faster feedback from people outside the company, and makes it easier to collaborate with them. We believe that the open core model creates more value than it captures, and our ability to execute on our strategy far exceeds the abilities of our competitors.
We do the smallest thing possible and get it out as quickly as we can. We aim to take an iterative approach in everything we do, including our day to day work and building The DevOps Platform. Our process is centered on dividing work into small increments, not completing everything at once, and pursuing each stage with speed and efficiency. Approaching work this way, we are able to rapidly get input from end-users who are actively using it, continuously revisit what we are doing with a fresher perspective, and gradually gain a greater sense of visibility into
97


what the end picture should look like. By adopting this approach we are able to work with a greater sense of speed and efficiency, getting more done in less time.
Our Open Source Philosophy
We recognize that we need to balance our need to generate revenue with the needs of the open source software project. To determine what is available in our free tier and what is available only in our paid tiers, we first assess who cares the most about the feature. Individual contributors rarely purchase The DevOps Platform, and thus, if the feature is something primarily individuals care about it will be open source. If the features are something primarily managers, directors, or executives care about then it will be source-available. When considering buyers as part of product tiering decisions we use the following guidance:
Premium is for team(s) usage, with the purchasing decision led by one or more Directors
Ultimate is for strategic organizational usage, with the purchasing decision led by one or more Executives
We want to be good stewards of our open source, so we aim to provide much of The DevOps Platform to the market for free. Having all stages of the platform available to users for free encourages cross-stage adoption and more collaboration and helps users see the benefit of a single application approach. Including all major features in our free tier helps us keep our codebase for the free and paid tiers similar, which helps us carry forward our promise of being good stewards of our open source without diverging codebases. We seek to clearly and consistently articulate our monetization strategy on teams and organizations to provide predictability to both our customers as well as the community of contributors.
Our open source approach is intended to increase our development velocity as the developer pool who contributes to our codebase is greater than the size of any single engineering organization. As of June 30, 2021, more than 3,000 individuals have contributed to The DevOps Platform and since April 30, 2019 community contributions have averaged more than 200 per month. Because people outside of our organization can read our code, users can contribute to identifying and solving issues, which accelerates the time we can release new software to market. This has also been a big contribution to enabling us to release a new version of our software for 115 months in a row and counting as of April 30, 2021.
We believe our open source approach helps us acquire, retain, and grow our paying customer base. They benefit from the advanced innovation that comes from distributed development, the documentation, best practices, and knowledge sharing across our community, as well as the engagement of making their own contributions back to our codebase.
The DevOps Platform and Plans
We offer The DevOps Platform in three different subscription plans: Free, Premium and Ultimate. While our Free tier platform includes significant functionality for individual users, our paid tiers include features that are more relevant for managers, directors, and executives.
Our Free Plan caters to capabilities needed by individual contributors to do their daily jobs.
Our Premium Plan builds on the capabilities of the Free Plan while also adding functionality intended specifically for managers and directors to help teams enhance collaboration between development and operations teams, manage projects and portfolios, and accelerate the deployment of code.
Our Ultimate Plan provides further functionality for executives and with functions to help organizations establish better collaboration between development, operations, and security teams, instill organizational wide security, compliance and planning practices, and implement full value stream measurement, analytics, and reporting, across the DevOps lifecycle.
98


Our subscription plans are available as a self-managed offering which customers download to run in their own public, private, or hybrid cloud environments, and also a SaaS offering which is managed by us and hosted in the public cloud.
Premium Plan Features
Our Premium Plan includes several features that allow for streamlined code reviews, provide operational insights to teams, conduct project management tasks, and implement efficient release controls. Notable features in this tier include:
Faster code reviews. GitLab streamlines code reviews and enables development teams to collaborate, review and improve their code. Notable capabilities include:
Code Owners. Defines who owns specific files or paths in a repository, understands who is responsible to locate relevant team members to seek guidance from, and locates the right team members to review or approve code merge requests.
Pipelines for Merged Results. Run special pipelines as if the changes from the source branch have already been merged into the target branch to simplify developers workflow and improve stability.
Operational insights. GitLab provides comprehensive capabilities to help teams and leaders understand each team’s operational health, deployment health, and SLAs. Notable capabilities include:
Operations Dashboard. Provides team leaders and team members a centralized visual to understand each project's operational health including pipeline and alert status.
Environments Dashboard. Provides a cross-project environment-based view that lets Operations team members track progress as changes flow from development, to staging, to production. Understands which pipelines are working and which are not and diagnose and investigate problems.
Project management. GitLab enables business stakeholders and development and operations teams to collaborate to understand product trade offs from the business and technical side, prioritize which features to deliver to customers, better understand the velocity in which those features can be deployed, and better realize the value being delivered to customers. Notable capabilities include:
Epics. Embrace agile and DevOps practices by managing many multiple small items and tasks in Epics. Share these themes across projects and milestones to help manage project planning, scale of work planning, and tracking of issue status.
Roadmaps. Help customers prioritize their product roadmaps and executives understand key timelines and status tracking for associated milestones.
Release controls. GitLab enables development and operations teams to work closely deploy software faster and more efficiently into production. Notable capabilities include:
Protected Environments. Ensure that only people with the right privileges can make requests to deploy code into production to prevent unauthorized people from making potentially harmful changes and ensuring security.
Robust deploy and rollback bundle. Enable customers to release production changes to only a portion of their Kubernetes pods as a risk mitigation strategy. By releasing production changes gradually, error rates or performance degradation can be monitored, and if there are no problems, all pods can be updated. Supports both manually triggered
99


and timed rollouts to a Kubernetes production system using Incremental Rollouts or redeploy an older version.
Ultimate Plan Features
In addition to all the features available in our Premium Plan, our Ultimate Plan provides users with many additional features. Key features include:
Advanced security testing. Built-in to GitLab, our security includes SAST, DAST, Dependency Scanning, Container Scanning, and License Compliance - all in one application - with no integrations required. By tightly embedding security into the development and deployment of software we can:
Allow developers to rapidly scan for security flaws. With GitLab, developers can conduct security scans with every commit with minimal incremental effort, report security issues directly into pipelines and merge requests, and eliminate context switching to proactively secure applications.
Provide security professionals with visibility into the development process to identify vulnerabilities earlier in the development cycle. With GitLab, security professionals can access a shared view with development, use a security dashboard to assess vulnerabilities and assign or resolve issues through a security dashboard, and avoid the need to manage or maintain several different security tools.
Allow CTOs, CIOs, and CISOs to juggle security and business agility. With GitLab, CTOs, CIOs, and CISOs can have one license cost for integrated security, development, and operations. This reduces delays in software development for security concerns, and enables scanning applications constantly without incremental costs.
Compliance management. Our compliance management aims to create an experience that is simple, friendly, and as frictionless as possible by enabling customers to define, enforce and report on compliance policies and frameworks. Key capabilities include:
Policy Management. Defines rules and policies to adhere to compliance frameworks - either internal company policies or policies based on legal or regulatory frameworks.
Automate Compliance Workflows. Manages compliance controls and automation of compliance workflows, which focus on enforcing policies, and maintaining separation of duties while reducing overall risk.
Audit Management. Logs activities to identify incidents and prove adherence to compliance rules and policies defined. Compliance Dashboard provides compliance insights in a consolidated view with relevant compliance signals such as segregation of duties, framework compliance, license compliance, pipeline, and MR results.
Security Management. Improves security scanning and license compliance for every piece of code and a dashboard to track and manage vulnerabilities.
Portfolio management. Our portfolio management tools drive strategic alignment across the organization to ensure teams have the correct information, and are empowered to execute efficiently. Advanced portfolio management capabilities include multi-level epics for organizations with complex large interdisciplinary initiatives, issue and epic health reporting for visibility into the health of the initiatives, portfolio level roadmaps to help bring in executives into the process, and an ability to run SAFe (Scaled Agile Framework).
Value stream analytics. Measure platform stability and other post-deployment performance KPIs, and set targets for customer behavior, experience, and financial impact. Create views that
100


manage products, not projects or repositories, and provide users with a more relevant data set. Since GitLab is a tool for the entire DevOps lifecycle, information from different workflows is integrated and can be used to measure the success of the teams. The DevOps Research and Assessment (DORA) team developed four key metrics that the industry has widely adopted. GitLab supports two of the four DORA4 metrics: deployment frequency and lead time for changes and provides temporal dashboards to identify the behavior of the metrics over time and inform iterations to improve them.
Research and development strategy
We ship features and components of features at a high velocity in the smallest possible increments to optimize for code quality, efficiency and speed. As each feature is typically similar in size, we are able to measure and track our development team's efficacy by counting the number of merge requests, a “request to merge one branch of code into another”. We believe that our development approach, using the DevOps Platform, is a key competitive advantage.
We make product investment decisions based on each stage’s contribution to revenue, monthly active usage, and served addressable market size. Currently the majority of our development costs are in Create (Source Code Management), Verify (Continuous Integration), Secure (Application Security Testing), and Manage (Analytics and Administrative capabilities).
Our research and development team consists of our architects, software engineers, security experts, DevOps engineers, product management, quality assurance, and data collection teams. We intend to continue to invest in our research and development capabilities to extend The DevOps Platform and products.
Our Technology
Our single application strategy means that we have one codebase to author, test, secure, package, and distribute. This also means we are able to give users the most choice. Our customers can use a SaaS subscription or run The DevOps Platform themselves in a self-managed way in their own cloud environments. For self-managed users GitLab is the only truly public-cloud-agnostic solution. The DevOps Platform can also run it in our customers own data centers if they wish. They can also choose to run GitLab on traditional servers, or they can use containers and an orchestration system like Kubernetes.
From an end user standpoint our single application strategy provides one consistent user interface across all stages of the DevOps lifecycle. We see this result in a manifold reduction in lifecycle time for software development teams. For integrators, GitLab has a single API to write integrations against, as opposed to a fragmented tool chain. For IT system administrators and internal security teams this also means they have one application environment and authentication system to inspect and certify according to their company’s standards.
Our Customers
We serve organizations of all sizes across industries and regions. As of January 31, 2021, we had customers in over 144 countries. Our customer growth is best represented by the number of our Base Customers, which increased from 1,662 as of January 31, 2020 to 2,745 as of January 31, 2021. In 2019 we began to invest more heavily in our enterprise sales motion and have had strong success in attracting, retaining, and growing ARR from our larger customers. Our success has been exemplified by the growth in our $100,000 ARR customers from 173 as of January 31, 2020 to 283 as of January 31, 2021. Further, during these same periods we grew our $1.0 million ARR customers from 11 to 20. We have key reference customers across a breadth of industry verticals that we believe validate The DevOps Platform, and our customers range from small and medium-sized organizations to Fortune 500 companies. No customer represented more than 5% of our revenue in fiscal 2020 or fiscal 2021.
101


Sales and marketing
Our go-to-market strategy spans a self-service buying experience, high velocity inside sales, and a dedicated outbound enterprise sales team. We segment our sales organization by size and region, with an additional vertical focus on the public sector. Our sales organization succeeds because of our transparent, cross-functional collaboration and a commitment to over-performance, efficiency, diversity, and constant improvement.
Our customer success team, or CS, manages our technical relationships with customers both pre-sale and long-term partnerships post-sale. CS works to help customers achieve positive business results with GitLab by building awareness, adoption, usage, performance, and modern DevOps capabilities. We believe this focus on business results and engaged partnership maximizes long-term, sustainable customer value and drives expansion with our existing customers.
Through our commitment to open collaboration, we also have select technology and channel partners who increase efficient access to new customers and support growth of existing customers through trusted relationships, existing contracts, service delivery capability and capacity, and collaboration on large digital transformations. These partners include systems integrators, cloud platform partners, independent software vendors, managed service providers, resellers, distributors, and ecosystem partners. Our partnership program provides additional rewards for partners that make commitments to and investments in a deeper GitLab relationship.
Our marketing department is focused on generating awareness of The DevOps Platform to our developer community, existing customers and users, and potential customers. We utilize diverse tactics such as digital demand generation, account based marketing, nurture programs, sales development, virtual and field events, sponsored webcasts, gated content downloads, whitepapers, display advertising and integrated campaigns to connect with prospective customers. We also host and present at regional, national and global events, including our own annual user conference called “Commit,” to engage both customers and prospects.
We offer our Free tier and/or a free trial to prospective customers allowing them to try before they buy, allowing customers to see the strengths of The DevOps Platform and the business benefits. We are then able to engage with these users to encourage them to upgrade to a paid version. Once a customer is onboarded with GitLab, our teams work to identify additional business units and parent/child/subsidiary prospects that would benefit from The DevOps Platform. Finally, as engaged members of the open-source community, our contributors often serve as subject matter experts at market-leading developer events, and The DevOps Platform is presented on the cutting edge of innovation.
Competition
The markets we serve are highly competitive and rapidly evolving. With the introduction of new technologies and innovations, we expect the competitive environment to remain intense.
We view our primary current competition as customers’ legacy approach of DIY DevOps, using a combination of point tools manually integrated together. Our offering is substantially different in that it is one platform, one codebase, one interface and a unified data model that spans the entire DevOps lifecycle. We expect that the competition from DIY DevOps will decrease over time as companies realize the shortcomings in this approach. To ensure easy transitions for customers and support for dependencies on internal and external tools, we support staged adoption while continuing the use of some legacy tools.
Beyond this legacy approach of DIY DevOps, our principal competitor is Microsoft Corporation following their acquisition of GitHub. There are also a number of other private and public companies whose products address only a portion of the DevOps lifecycle and/or are cobbled together from several point solutions. These are essentially third-party DIY DevOps and are not a single application.
102


We believe we compete favorably based on the following competitive factors:
ability to provide a single application that is purpose-built to span the entire DevOps lifecycle;
ability to rapidly innovate and consistently ship and release more features and versions of our software;
maturity of features in the Create (source code management) and Verify (continuous integration) stages;
ability to run natively across any public cloud, private cloud, hybrid cloud, or on-premises environment;
ability to enable collaboration between developers, IT operations, and security teams;
ability to reduce handoffs, friction, and switching costs across different stages of the DevOps lifecycle;
ability to reduce software development times to release better software faster;
ability to consolidate multiple tools into a single platform;
ability to eliminate manual integrations that are costly and time-effective to maintain;
ability to provide a seamless, consistent, and single user experience through one user interface;
ability to deliver a large, engaging community of open source contributors;
performance, scalability, and reliability;
ability to implement strong security and governance;
quality of service and overall customer satisfaction; and
strong documentation and transparency of information.
Team Members
Our mission is to create a world where everyone can contribute. When everyone can contribute, consumers become contributors, and we greatly increase the rate of human progress through changing creative work from unilateral read-only to collective collaboration and innovation. This mission is integral to our culture, and how we hire, build products, and lead our industry. The DevOps Platform brings together developers, operations and security professionals and elevates their innovation to new levels, making it faster, safer, and more accessible. We are an all-remote company, and we pride ourselves in how we work through enabling our team members the individualized flexibility to reach their business results. We believe this leads to a team that is continually engaged and passionate about the positive impact of The DevOps Platform.
As of April 30, 2021, we had approximately 1,300 team members in over 65 countries. We engage our team members in various ways, including through direct employment, PEOs, and as independent contractors. In the locations where we use PEOs, we contract with the PEO for it to serve as “Employer of Record” for team members engaged through the PEOs. Team members are employed by the PEO but provide services to GitLab. We also engage team members through a PEO self-employed model in certain jurisdictions where we contract with the PEO, which in turn contracts with individual team members as independent contractors. None of our team members are represented by a labor union. In certain countries in which we operate, we are subject to, and comply with, local labor law requirements which may automatically make our team members subject to industry-wide collective bargaining agreements or works counsel. We have not experienced any work stoppages. We work to identify, attract,
103


and retain team members who are aligned with and will help us progress with our mission, and we seek to provide competitive cash and equity compensation. We believe we have a strong and open relationship with our team members and our unique mission, culture and values differentiate us and continue to be key drivers of our business success.
Intellectual property
The protection of our technology and intellectual property is an important aspect of our business. We rely upon a combination of trademarks, trade secrets, know-how, copyrights, patents, confidentiality procedures, contractual commitments, domain names, and other legal rights to establish and protect our intellectual property. We generally enter into confidentiality agreements and invention or work product assignment agreements with our officers, team members, agents, contractors, and business partners to control access to, and clarify ownership of, our proprietary information.
As of April 30, 2021, we had five issued patents and one pending patent application in the United States and abroad. These patents and patent applications seek to protect proprietary inventions relevant to our business. These issued patents are scheduled to expire on or around the years between 2034 and 2036 and cover various aspects of The DevOps Platform and technology.
As of April 30, 2021, we had three trademark registrations in the United States, including registrations for “GITLAB” and our logo. We also had 14 trademark registrations and applications in certain other jurisdictions and regions. Additionally, we are the registered holder of a number of domain names, including gitlab.com.
We are dedicated to open source software. Our product incorporates many components subject to open source software licenses, and in turn we license many significant components of our software under open source software licenses. Such licenses grant licensees broad permissions to use, copy, modify and redistribute the covered software which can limit the value of our software copyright assets.
Legal proceedings
We are, and from time to time, we may become involved in legal proceedings or be subject to claims arising in the ordinary course of our business. We are not presently a party to any legal proceedings that in the opinion of our management, if determined adversely to us, would individually or taken together have a material adverse effect on our business, financial condition or operating results.
Defending such proceedings is costly and can impose a significant burden on management and team members. The results of any current or future litigation cannot be predicted with certainty, and regardless of the outcome, litigation can have an adverse impact on us because of defense and settlement costs, diversion of management resources and other factors.
104


MANAGEMENT
Executive Officers and Non-Employee Directors
The following table provides information regarding our executive officers, and non-employee directors as of April 30, 2021:
NameAgePosition(s)
Executive Officers:
Sytse Sijbrandij41Founder, Chief Executive Officer and Chairman of the Board
Brian Robins51Chief Financial Officer
Eric Johnson42Chief Technology Officer
Michael McBride48Chief Revenue Officer
Robin J. Schulman48Chief Legal Officer and Corporate Secretary
Non-Employee Directors:
Matthew Jacobson37Director
David Hornik52Director
Sue Bostrom60Director
Karen Blasing65Director
Godfrey Sullivan67Director
Merline Saintil45Director
_______________
(1)Member of the audit committee.
(2)Member of the Compensation and Leadership Development committee.
(3)Member of the nominating and corporate governance committee.
Executive Officers
Sytse Sijbrandij is our founder and has served as our Chief Executive Officer and a member of our board of directors since September 2014, and as Chairman of our Board of Directors since March 2021. From January 2008 to August 2012, Mr. Sijbrandij served as a founder at Comcoaster, a software company. From August 2009 to January 2012, Mr. Sijbrandij also served as a part-time Software Architect at Ministerie van Justitie, the Dutch Ministry of Safety & Justice. From November 2003 to December 2007, Mr. Sijbrandij was the Operational Director at U-Boat Worx B.V., a recreational submersible company. Mr. Sijbrandij earned a B.S. and M.S.c. from the University of Twente in Management Science. We believe Mr. Sijbrandij is qualified to serve as a member of our board of directors because of the historical knowledge, operational expertise, leadership, and continuity that he brings to our board of directors as our Founder and Chief Executive Officer.
Brian Robins has served as our Chief Financial Officer since October 2020. Since April 2019, Mr. Robins has also served as a Special Advisor at Brighton Park Capital, L.P., an investment firm that specializes in software, information services and technology-enabled services as well as on the Advisory Council at ForgePoint Capital Cybersecurity, an investment firm specializing in cybersecurity, since January 2017. Prior to joining us, from October 2019 to October 2020, Mr. Robins served as Chief Financial Officer at Sisense Ltd., a business intelligence software company, and from August 2017 to April 2019, he served as Chief Financial Officer and Treasurer of Cylance Inc., a cybersecurity software company. Mr. Robins also served as Chief Financial Officer of AlienVault, Inc. a unified security management software company, from June 2015 to August 2017. From October 2012 to March 2014, he served as the Vice President and Chief Financial Officer of Global Business Services at Computer Sciences Corporation, a global information technology company. From February 2007 to October 2011,
105


he held several senior positions at VeriSign, Inc., including Chief Financial Officer from August 2009 to October 2011 and Acting Chief Financial Officer from April 2008 to August 2009. Mr. Robins earned a B.S. in Finance from Lipscomb University and an M.B.A from Vanderbilt University.
Eric Johnson has served as our Chief Technology Officer since March 2021. Mr. Johnson previously served as our Executive Vice President of Engineering from February 2020 to March 2021 and VP of Engineering from September 2017 to February 2020. Since February 2021, Mr. Johnson has also served as a Director of the Linux Foundation, a non-profit technology consortium company. Prior to joining us, from July 2014 to May 2017, Mr. Johnson served as the Vice President of Engineering at Unmanned Innovation, Inc., a commercial drone startup company. Prior to his role at Unmanned Innovation, Inc., from June 2008 to July 2014, he served as the Senior Director of Web at Brightcove Inc., an online video software company. Mr. Johnson earned a B.A. in Philosophy from Villanova University.
Michael McBride has served as our Chief Revenue Officer since May 2018. Prior to joining us, from March 2013 to February 2017, he served as the Senior Vice President of Worldwide Field Operations at Lookout, Inc., a cybersecurity company. Prior to joining Lookout, Inc., from July 2011 to March 2013, Mr. McBride served as the Vice President of Platform at DeNA. Co., Ltd, a mobile social games, development, and commercial platforms company. DeNa acquired Lionside where Michael served as Vice President, Business Operations from March 2010 to June 2011. Prior to his roles at DeNA and Lionside, Mr. McBride served as Vice President, Worldwide Sales at Meraki from May 2007 to March 2010. Mr. McBride earned a B.S. in Mechanical Engineering from Stanford University and an M.B.A from Stanford University Graduate School of Business.
Robin J. Schulman has served as our Chief Legal Officer and Corporate Secretary since December 2019. Prior to joining us, from February 2018 to November 2019, Ms. Schulman served as the Senior Vice President, Chief Legal Officer, and Corporate Secretary at Couchbase, Inc., a computer technology company. Prior to Couchbase, Inc., from December 2013 to February 2018, Ms. Schulman served as the General Counsel, Corporate Secretary, and Chief Compliance Officer at New Relic, Inc., an enterprise software company. From September 2006 to April 2010, Ms. Schulman served as an Associate at Fenwick & West LLP, a law firm providing legal services to technology and life science companies. Ms. Schulman earned a B.F.A. in Dramatic Writing and Film from New York University and a J.D. from Rutgers University School of Law.
Non-Employee Directors
Matthew Jacobson has served as a member of our board of directors since August 2018. Mr. Jacobson has served as a General Partner at ICONIQ Capital since September 2013. Mr. Jacobson has served on the board of directors of Datadog, Inc., a monitoring and data analytics company since July 2019 and Sprinklr, Inc., an enterprise software company, since December 2014. Mr. Jacobson earned a B.S. in Finance and Management from the Wharton School of the University of Pennsylvania. We believe that Mr. Jacobson is qualified to serve as a member of our board of directors because of his executive leadership experience and extensive experience with the venture capital and technology industries.
David Hornik has served as a member of our board of directors since January 2019. Mr. Hornik has served as a Founding Partner at Lobby Capital since January 2021 and as a General Partner at August Capital since June 2000. He also has served as a board member of Fastly, Inc. a cloud computing company, since March 2013 and at Bill.com Holdings, Inc., a financial software platform company, since May 2009. Mr. Hornik earned a B.A. in Computer Music from Stanford, a Master of Philosophy from Cambridge University, and a J.D. from Harvard Law School. We believe that Mr. Hornik is qualified to serve as a member of our board of directors because of his extensive experience in the technology field, his experience as a director of public companies, and his experience with the venture capital and technology industries.
Sue Bostrom has served as a member of our board of directors since April 2019. Ms. Bostrom served as Executive Vice President and Chief Marketing Officer at Cisco Systems, Inc., a technology services
106


and products company, from 1997 to 2011. Ms. Bostrom has served as a member of the board of directors of Nutanix, Inc., a virtualized datacenter platform company, since October 2017, Anaplan, Inc., a business planning software platform company, since September 2017 and ServiceNow, Inc., a cloud-based solutions software company, since July 2014. Ms. Bostrom earned a B.S. in Business from the University of Illinois and an M.B.A. from Stanford University. We believe that Ms. Bostrom is qualified to serve as a member of our board of directors because of her executive leadership experience, audit committee experience, and experience as a director of public companies.
Karen Blasing has served as a member of our board of directors since August 2019. Ms. Blasing served as Chief Financial Officer of Guidewire Software, Inc., a back-end systems software company, from July 2009 to March 2015. Ms. Blasing has served as a member of the board of directors of AutoDesk, Inc., a 3D design software company, since March 2018, and Zscaler, Inc., a cloud-based information security company, since January 2017. Ms. Blasing earned a B.A. in Economics and Business Administration from the University of Montana and an M.B.A. from the University of Washington. We believe that Ms. Blasing is qualified to serve as a member of our board of directors because of her executive leadership experience, extensive experience in the technology field, extensive finance experience, and her experience as a director of public companies.
Godfrey Sullivan has served as a member of our board of directors since January 2020 and as our lead independent director since March 2021. Mr. Sullivan served as President and CEO of Splunk Inc., an operational intelligence software company from 2008 to November 2015. Prior to that, Mr. Sullivan served as President and CEO of Hyperion Solutions, LLC, a business performance management software company, from October 2001 to June 2007. Prior to joining Hyperion Solutions, LLC, Mr. Sullivan served in roles of increasing responsibility from August 1992 to June 2000 at Autodesk, Inc., a 3D design software company. Prior to joining Autodesk, Inc., Mr. Sullivan served in roles of increasing responsibility from 1985 to 1992 at Apple, Inc., a multinational technology company. Mr. Sullivan has served as a member of the board of directors of CrowdStrike, Inc. a cybersecurity technology company, since November 2017, Splunk Inc., from 2008 to March 2019, and Citrix Systems Inc., an enterprise software company, from February 2005 to June 2018. Mr. Sullivan earned a B.B.A. in Real Estate and Economics from Baylor University. We believe that Mr. Sullivan is qualified to serve as a member of our board of directors because of his executive leadership experience and extensive experience as a director of public companies.
Merline Saintil has served as a member of our board of directors since November 2020. Ms. Saintil served from November 2014 to August 2018, as Head of Operations of Product and Technology at Intuit Inc., a financial management solutions software company, and as Head of Operations of Mobile and Emerging Products at Yahoo! Inc., an online web portal company, from January 2014 to November 2014. Ms. Saintil has served as Lead Independent Director since June 2021 at Rocket Lab USA, Inc, a rocket systems and technology company, as a board member of Alkami Technology, Inc., a cloud-based digital banking software company, since October 2020, and ShotSpotter, Inc., a gunfire detection technology company, from April 2019 to June 2021. Ms. Saintil earned a B.S. from Florida Agricultural and Mechanical University and an M.S. from Carnegie Mellon University. We believe that Ms. Saintil is qualified to serve as a member of our board of directors because of her executive leadership experience, product experience, and extensive experience in the technology field.
Family Relationships
There are no family relationships among any of our executive officers or directors.
Code of Business Conduct and Ethics
We will adopt, effective prior to the completion of this offering, a code of business conduct and ethics that applies to all of our team members, officers, and directors, including our Chief Executive Officer, Chief Financial Officer, and other executive and senior financial officers. The full text of our code of business conduct and ethics will be posted on the investor relations page on our website. We intend to
107


disclose any amendments to our code of business conduct and ethics, or waivers of its requirements, on our website or in filings under the Exchange Act.
Board of Directors
Our business and affairs are managed under the direction of our board of directors. Our board of directors currently consists of eight directors. Pursuant to our restated certificate of incorporation, as currently in effect, and our current voting agreement, our current directors were elected as follows:
Sytse Sijbrandij and Sue Bostrom were elected as the designees nominated by holders of our common stock;
Karen Blasing, Godfrey Sullivan, and Merline Saintil were elected as the designees nominated by holders of our common stock and convertible preferred stock, voting together, as a single class;
Bruce Armstrong was elected as the designee nominated by holders of our Series A convertible preferred stock, prior to his resignation from our board of directors;
David Hornik was elected as the designee nominated by holders of our Series B convertible preferred stock; and
Matthew Jacobson was elected as the designee nominated by holders of our Series D convertible preferred stock.
Our voting agreement will terminate and the provisions of our current amended and restated certificate of incorporation by which our directors were elected will be amended and restated in connection with this offering and, following this offering, there will be no contractual obligations regarding the election of our directors. After this offering, the number of directors will be fixed by our board of directors, subject to the terms of our restated certificate of incorporation and restated bylaws that will become effective immediately prior to the completion of this offering. Each of our current directors will continue to serve as a director until the election and qualification of their successor, or until their earlier death, resignation, or removal.
Classified Board of Directors
Upon the completion of this offering, our board of directors will consist of      members and be divided into three classes of directors that will serve staggered three-year terms. At each annual meeting of stockholders, a class of directors will be elected for a three-year term to succeed the same class whose term is then expiring. As a result, only one class of directors will be elected at each annual meeting of our stockholders, with the other classes continuing for the remainder of their respective three-year terms. Our directors will be divided among the three classes as follows:
the Class I directors will be          ,            and          , and their terms will expire at the first annual meeting of stockholders to be held after the completion of this offering;
the Class II directors will be          ,            and          , and their terms will expire at the second annual meeting of stockholders to be held after the completion of this offering; and
the Class III directors will be          ,           and          , and their terms will expire at the third annual meeting of stockholders to be held after the completion of this offering.
Each director’s term continues until the election and qualification of his or her successor, or his or her earlier death, resignation, or removal. Our restated certificate of incorporation and restated bylaws to be in effect upon the completion of this offering will authorize only our board of directors to fill vacancies on our board of directors. Any increase or decrease in the number of directors will be distributed among the three classes so that, as nearly as possible, each class will consist of one-third of the directors. This
108


classification of our board of directors may have the effect of delaying or preventing changes in control of our company. See the section titled “Description of Capital Stock—Anti-Takeover Provisions.”
Director Independence
In connection with this offering, we intend to list our Class A common stock on the          . Under the rules of the          , independent directors must comprise a majority of a listed company’s board of directors within a specified period after the completion of this offering. In addition, the rules of the          require that, subject to specified exceptions, each member of a listed company’s audit, compensation and nominating and governance committees be independent. Under the rules of the          , a director will only qualify as an “independent director” if, in the opinion of that company’s board of directors, that person does not have a relationship that would interfere with the exercise of independent judgment in carrying out the responsibilities of a director.
Additionally, compensation and leadership development committee members must not have a relationship with us that is material to the director’s ability to be independent from management in connection with the duties of a compensation and leadership development committee member.
Audit committee members must also satisfy the independence criteria set forth in Rule 10A-3 under the Exchange Act. In order to be considered independent for purposes of Rule 10A-3, a member of an audit committee of a listed company may not, other than in his or her capacity as a member of the audit committee, the board of directors or any other board committee: accept, directly or indirectly, any consulting, advisory, or other compensatory fee from the listed company or any of its subsidiaries; or be an affiliated person of the listed company or any of its subsidiaries. We intend to satisfy the audit committee independence requirements of Rule 10A-3 as of the completion of this offering.
Our board of directors has undertaken a review of the independence of each director and considered whether each director has a material relationship with us that could compromise his or her ability to exercise independent judgment in carrying out his or her responsibilities. As a result of this review, our board of directors determined that are          “independent directors” as defined under the applicable rules and regulations of the SEC and the listing requirements and rules of the          . In making these determinations, our board of directors reviewed and discussed information provided by the directors and by us with regard to each director’s business and personal activities and relationships as they may relate to us and our management, including the beneficial ownership of our common stock by each non-employee director and the transactions involving them described in the section titled “Certain Relationships and Related Party Transactions.”
Lead Independent Director
Our board of directors will adopt, effective prior to the completion of this offering, corporate governance guidelines that provide that one of our independent directors will serve as our lead independent director. Our board of directors has appointed Godfrey Sullivan to serve as our lead independent director. As lead independent director, Mr. Sullivan will provide leadership to our board of directors if circumstances arise in which the role of Chief Executive Officer and chairperson of our board of directors may be, or may be perceived to be, in conflict, and perform such additional duties as our board of directors may otherwise determine and delegate.
Committees of the Board of Directors
Our board of directors has an audit committee, a compensation and leadership development committee and a nominating and governance committee, each of which, pursuant to its respective charter, will have the composition and responsibilities described below upon the completion of this offering. Following the completion of this offering, copies of the charters for each committee will be available on the investor relations portion of our website. Members serve on these committees until their resignation or until otherwise determined by our board of directors.
109


Audit Committee
Our audit committee is composed of         ,            and            .          is the chair of our audit committee. The members of our audit committee meet the independence requirements under          and SEC rules. Each member of our audit committee is financially literate. In addition, our board of directors has determined that          is an “audit committee financial expert” as that term is defined in Item 407(d)(5)(ii) of Regulation S-K promulgated under the Securities Act. This designation does not, however, impose on him or her any supplemental duties, obligations or liabilities beyond those that are generally applicable to the other members of our audit committee and board of directors. Our audit committee’s principal functions are to assist our board of directors in its oversight of:
selecting a firm to serve as our independent registered public accounting firm to audit our financial statements;
ensuring the independence of the independent registered public accounting firm;