GitLab self-hosted instances data sharing

Ntakwetet asked:

I’m working on a personal project with some friends and it is becoming quite large, so I’m considering to self-host a GitLab instance to help preventing the development to go to complete chaos.
However, I discovered that GitLab’s privacy policy allows GitLab to gather some data from its users and share them with third parties and I’m not OK with that, but it isn’t clear if that applies to "Self-managed" instances with Usage Ping disabled (1, 2).
Some weeks ago I wrote to the developers asking for more information, but I’m still waiting for an answer.

Normally I would just discard the option, but I found that some free (libre) software projects, e.g. The Tor Project and GNOME, use self-hosted GitLab instances. Especially the former is (should be?) extra careful about users’ privacy, so I’m not sure about what to suppose.

So, the question is: do GitLab self-hosted instances send any data (personal or not) to GitLab or other third parties when the Usage Ping is disabled? If so, how can I prevent that?

My answer:

Self-hosted GitLab has exactly two features which send data to GitLab:

  • Usage ping, which you have already discovered, which collects a variety of anonymized statistics about how users use GitLab, and
  • Version check, which checks to see if an update is available.

GitLab Inc. collects your instance’s version and hostname (through the HTTP referer) as part of the version check. No other information is collected.

Both can be enabled or disabled at will.

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.