Hi @john-hannah, thank you for raising an important concern and sorry for the late reply – I wanted to confirm a few things with the team first (and in particular with our Data Protection Officer in accordance with the GDPR).
Here is what we can guarantee in terms of data privacy:
All Gitpod data lives and stays in Google Cloud: active workspaces run in Kubernetes clusters with modern security policies, and all other data is encrypted at rest in Google Cloud Storage.
Access tokens are encrypted both in-flight and at rest.
Deleting a workspace removes all data from our system immediately (there is no retention beyond this point, i.e. workspace data and any backups are lost forever).
Gitpod operators can technically look at workspace data, but internal Gitpod policy forbids it unless there is strong suspicion of our rules of Fair Use being violated (see Terms of Services), or there is a support case where a user asks for admin intervention. Also, any admin access is logged and cross-verified where possible.
We take data privacy and security very seriously, so if you have any question, suggestion or concern not covered by these guarantees, please let us know (for security concerns, please email email@example.com directly). For example, if any of your clients require us to pass certain certifications, we’ll be happy to see what we can do.
(Also, we should probably back these guarantees with additional references, and add them to our documentation.)