Gitpod processes first name, last name, and email in order to provide the services, in addition to the user account from your company’s code repository. For more information, please contact your Account Manager for the Gitpod DPA.
Authentication occurs via OAuth tokens which can be revoked and/or re-authorized at any time.
All Workspace content is encrypted at rest with (AES256) and in-transit (TLS 1.2 or above).
Workspaces deploy as Kubernetes pods. Each Workspace operates within its own set of namespaces, so that they cannot interfere with each other.
We are SOC 2 Type 2 compliant for two years running and conduct pentesting at least annually. Reports are available upon request and under MNDA; please contact your Account Manager.
Gitpod can be hosted end-to-end by us, or deployed by you in your own AWS account. For more information, please see this link for deployment architecture.