
Basecamp Employee Handbook - josemrb
https://github.com/basecamp/handbook
======
piqufoh
Under parental leave;

> You may also choose to take an additional 8 weeks leave unpaid. Note that
> this does not guarantee your employment. We're simply keeping your job open
> for an additional 8 weeks, unless your position becomes redundant.

Is it just me, or does that sound a little harsh? (Maybe I'm used to UK
workers rights) Isn't this exactly the reason why many parents don't take the
parental leave they probably should? ie that they fear they will become
obsolete simply from not being in the office...

~~~
scurvy
This is curious considering DHH's involvement in Basecamp and how often he
espouses European ideals. You'd think they had a year of maternity and
paternity leave.

~~~
tptacek
50 person companies can't as a rule guarantee year-long parental leave; that's
just not realistic. They can do their best to make it work, but no company of
this size in this kind of market can make promises like that.

~~~
kayhi
"Employees at the Bill & Melinda Gates Foundation, the largest private
foundation in the world, will be able to enjoy up to one year of paid time
with their newborns during the child's first year after birth or adoption
starting next year." \- Business Insider

~~~
tptacek
The Bill & Melinda Gates Foundation can promise a lot of things that a 50
person competitive startup can't reasonably promise.

~~~
zip1234
Also, the Bill and Melinda Gates Foundation does not make a profit...

------
stevenwu
_Community Supported Agriculture (CSA) Allowance

Fresh, organic, local fruits and vegetables are great to have on-hand, so we'd
also like to offer a CSA membership to you. Finding a local provider will be
up to you, but you can expense the cost of a seasonal or annual CSA share as
an employee benefit, up to $1,000/year._

Count that as a perk I've never heard of before.

Cool peek into how a company that works remotely can function successfully.
This handbook could be a blueprint for that model - are there any other
examples of remote companies publishing their internal handbooks?

~~~
maxxxxx
I don't really like this kind of perk. Just give me the cash and I can decide
what to do.

~~~
stevenwu
I'm OK with these kinds of quirky add-on allowances so long as the category
for the add-on is positive, either for you as a person (e.g.: fitness,
learning) or the local community (e.g.: paid time off volunteering, charity
matching). We'd all be better off if we were a little more involved with our
community, a little more active, and eating a little bit healthier, and the
most common excuse for not doing these is "I don't have the time/money." If
you just give extra cash how can you achieve the same effect in encouraging
people to live healthier?

~~~
maxxxxx
I exercise daily at home. Probably more than most of the people who get the
gym paid for.

It's not a big deal but I wouldn't mind some extra cash.

~~~
jedberg
One company I worked for had a benefit of paying up to $1000/yr for a gym
membership OR up to $1000 of gym equipment for your home per year.

~~~
maxxxxx
I guess I can get a really expensive yoga mat :-)

------
bluetidepro
> Sabbatical - Every three years, employees are eligible to take a one-month-
> long sabbatical. Just give a heads-up preferably three months in advance, so
> we can coordinate the work-load accordingly.

I wish this was more common in the tech industry. I know for other industries
this is basically a standard thing, but it seems like many tech companies
don't do this.

~~~
skolos
One-month-long? Isn't it too short for sabbatical? How is it different from
vacation? I think I might not understand what they mean by sabbatical.

~~~
nhangen
Most vacations, at least in the US, are 1 week in length. Upper middle class
takes maybe 2 weeks. The wealthy of course take as long as they want.

I don't think I've ever had a vacation longer than 10 days.

~~~
noam87
Wow that's awful.

~~~
nhangen
I agree! That's why I became an entrepreneur lol.

~~~
brianwawok
Then you realize entrepreneurs get even less vacation

~~~
nhangen
pretty much

------
ezyjules
I'm pretty immersed in the field of parental leave benefits in the US and UK,
having setup Pledge Parental Leave www.pledgepl.org. Important to get the full
perspective on the market in the US. You're taking a crap on a company with
extremely progressive benefits across the board, furthermore so, one offering
them at a 'meager' size of 50, where the relative cost is much greater than
compared to a 'large' company.

It is very easy to make simple comparisons between UK and European standards
vs US standards. The fact is that there is almost zero government
funding/support for parental leave in the US. The US is the only developed
country in the world without any government mandated parental leave standards.

What Basecamp offer in terms of paid leave to either parent is top tier in the
US. If you take a look at Facebook, Google and others they offer close to
similar benefits -
[https://docs.google.com/presentation/d/1Ibj79Eh8Cvk4Wy_dPZNc...](https://docs.google.com/presentation/d/1Ibj79Eh8Cvk4Wy_dPZNc19894N8zcQNgYem0K4EWrAg/edit?usp=sharing)

In the US, any company stepping up in this area is doing so of its own
volition and cost - again the government gives a company zero funding. In the
UK, German, Sweden etc they pick up most of the tab of extended leave. In the
US, the only form of support is for mothers through expensive health insurance
for the 'disability' of having a child. So before you engage in moral
relativism, it's healthy to get the context and the facts. Check out
[http://www.pledgepl.org](http://www.pledgepl.org) if you want to clue up or
help fix this situation.

~~~
duncan_bayne
Language matters in this case, especially when you're in an advocacy role.

"The government... pick[s] up most of the tab of extended leave" is simply not
true. Other taxpayers - including other parents - pick up the tab.

~~~
ezyjules
Yes, point well made. This is how taxes work. In this case I was highlighting
that the company itself does not have to cover the majority.

~~~
duncan_bayne
Sure - because that burden has been pushed, in part, onto its staff.

I know it may seem pedantic but phrases like "Government funding", "free", and
"entitlements" muddy the waters when discussing the morality of policies.

Is the same as hearing "the US Government declared war on North Korea". Sounds
much more heroic than it'd wind up being. At least, since Davy Crockett died
;)

------
philip1209
Wow - they advise employees to remove all company data from devices, leave the
company 1password account, disable touch ID, and put their attorney on speed
dial every time they go through customs.

~~~
SomeHacker44
I don't go that far, but I do have all my hardware encrypted (MBP, iPhone,
iPad) and I power these things off so that they will be unable to trivially
decrypt them when I go through customs.

I wish iDevices had a thing that would let me "double click" the power button
to passcode-lock the device and disable TouchID until unlocked again.

I don't use the TouchID on my MBP at all.

~~~
tptacek
That's not enough: they can demand that you unlock the device at the border,
including powering it on. If your battery is depleted, they'll give you a
charger and wait. If you refuse, they can and will confiscate the devices. You
can't outsmart them: for pretty much every major country, they're better at
this than you are.

They can do all of this even if you're a citizen. In the US, citizens (and, to
a lesser but still meaningful extent, LPRs) cannot be denied entry to the
country. But you can still lose all your devices. You can be detained,
potentially overnight, no matter who you are. If you're not a citizen, you can
be detained and then sent back without your devices.

The only realistic answer is not to have sensitive data on your devices at the
border at all, nor any indication of where your sensitive data is or any means
of getting access to it.

~~~
no_wizard
I wonder if some form of push back on this would be timed release malware? its
just crazy talk and all, I'd NEVER do this, but as a hypothetical since they
are plugging your device(s) in to a machine, it would be possible to infect
said machine, yes?

Now that’s resistance.

Also: I've heard of people who just wipe their devices and then just download
really really grotesque photos to their devices to gross out the employees who
have to look through it.

~~~
tptacek
If you want to go to prison, this is definitely a way to see the inside of a
federal prison cell.

~~~
no_wizard
I imagine as such. Though, if its timed....could they even trace it if done
right? you'd be long gone by then.

------
aspencer8111
This company publishes a handbook that puts most corporations to shame in
every benefit category. So we are picking them apart for their 401k and their
parental leave? Seriously!?! I don't understand HN any more...

~~~
abuani
It's always easier to identify the bad then it is to identify the good.
Especially if you're coming at this from a specific perspective "This company
sucks!", then you're bound to find something that doesn't strike you as
excellent.

At my current company, I do not get any 401k matching, and it sucks. However,
the company fully covers medical insurance for each employee and their ENTIRE
family. My copay's are more then fair, and unless I end up in an emergency and
I'm rushed to a hospital that's out network and it turns out that it wasn't an
emergency, I have no other costs. Being married, I save thousands a year in my
paycheck by not having to cover any of my insurance. Compared to the cost of
my previous job, the difference is enough to fully fund my IRA which is
roughly equivalent to a 4% match in my 401k which is the best any company has
offered me to date. So in the end, I lost an employee match, but save $6k a
year in medical insurance for my family.

It's a balance, and I can understand why people would be upset to "only" see
six weeks of Paternal leave, but when you look at their entire portfolio of
perks, it's amazing. It is among the best. Can they do better? Sure. Should
people flay them for two sticking points? Absolutely not.

------
tptacek
There's a lot of good stuff here. I'm surprised about their take on speaking
engagements (they're OK as long as they don't involve multi-day travel
obligations). I get that you don't want team members touring talks or becoming
conference tourists. But a lot of companies _want_ their employees doing
speaking engagements; Matasano/NCC, my old employer, pays a pretty substantial
cash bonus for every time you do that.

~~~
ryandrake
Is "doing speaking engagements" really a big thing in tech? I've been in the
industry for close to 20 years and have never felt the need to (or been asked
to) go drone on about something at a conference somewhere, or even to go
attend one for that matter. I couldn't even tell you what any major software
conferences are, although I'd probably recognize the names of some of them.

~~~
tedmiston
It seems like speaking and even attending conferences varies a lot by a
developer's personality type. I've always been a fan and find it the most
effective way to take in info on a large variety of topics I might not
otherwise find in a very concentrated period of time. The networking and
whatnot can be useful too. At PyCon it was neat to meet GvR for instance.
Anecdotally I'd say maybe 20% of the devs I know pursue conferences regularly.

------
andygcook
For anyone interested in handbooks and culture codes, my startup, Tettra,
curated all the ones we could find on CultureCodes.co. Will add Basecamp to
the list soon too.

~~~
movengeance
Looks like the slideshow framework you're using to iframe in the handbooks is
broken; i couldn't page through any of the companies I clicked through on.

~~~
andygcook
Sorry about the issue. Which company's broken for you and which browser are
you using?

------
rdslw
I find this discussion of "benefits" fascinating.

In Europe, _standard_ in IT companies (Central Europe, mind you), is:

* 25 fullt paid days (or more) of vacation every year (no need to call it a sabatical and limit it to once a three years), not including national holidays etc.

* one year of (or more) paid maternity leave (or more), while second parent gets few weeks (two at my country)

* free gym membership (so I can yoga/climb/whatever for free)

* private health coverage (in addition to the public one, if your country (most EU has)

* sickness time at least 80% paid (in most IT it's 100%)

* fresh fruits daily (I don't even mention drinks etc)

* education budget per employee (conferences etc)

Thats a STANDARD if you want to recruit software engineer here you must have.

~~~
mahyarm
Other than the vacation and parental leave time spans, which is mostly gov't
law in many cases and not the company, that is pretty close to what it is in
the USA.

~~~
rdslw
Quite the opposite.

1\. dozens comments here from USA guys, treating basecamp benefits as superb.

2\. it's paid by the company in the Europe, not the govt.

3\. you seems to quitly skim over thing like unpaid sick leave in USA. It's
paid in europe. This alone is a huge difference. or am I wrong and this is
paid in US?

~~~
mahyarm
I was comparing to a typical SV tech company benefits package. I'm pretty sure
your central european benefits package isn't standard for the rest of the
country either.

Sick leave is usually just taking a day off and in practice nobody really
cares. If your really sick then it gets covered by your disability insurance,
which is pretty close to that %XX of your wage coverage.

What is your income level there?

~~~
rdslw
Definitely is not 'nobody really cares'.

Adding vacation time (which is standard not only in IT) of 5 weeks plus
average sicktime (let's assume two weeks in a year) that's a big _paid_
difference.

And as to the basecamp package being typical in SV: I concluded from many
posts in this conversation differently.

PPP adjusted for cost of living, I suspect 20% lower on average than yours.
Taking into account healthcare (priv and public), pensions, education (here is
free and much better objectively: [https://blog.hackerrank.com/which-country-
would-win-in-the-p...](https://blog.hackerrank.com/which-country-would-win-in-
the-programming-olympics/) but also feel free to google OECD reports for
EU/USA gap if you don't like hackerrank) and of course that year of paid
maternity leave you skimmed over ;-) yeah it's much "different" here.

p.s. There was also a great discussion on HN about CA standard of housing and
costs (rents, houses etc) two months ago. Conclusion: insane, unless you're
DINK.

------
kzisme
> Basecamp will pay up to $100/month for your gym membership, yoga studio
> membership, or whatever activity you do to stay in shape.

Is this sort of thing common? I wish my current employer did something like
this. While I'm still skimming some of the documents - Basecamp sounds like a
cool place to work.

~~~
knodi123
I think it is often subsidized by your health insurance. But even if it isn't,
it just makes sense - healthy employees need fewer sick days, and have better
mental health and energy levels.

~~~
kzisme
Thanks for the reply - I was just curious because currently (first job post
graduation) nothing like that is offered where I work and I would take
advantage of it if I got the chance.

------
tangue
It's a well thought and nicely written document though I'm not sure I'd like
something like the 5x12s (
[https://github.com/basecamp/handbook/blob/master/our-
rituals...](https://github.com/basecamp/handbook/blob/master/our-rituals.md) )

~~~
Mister_Snuggles
I think the "5x12s" actually sound pretty neat. Sure, it's not work related,
but it's nice to have some kind of socialization with your co-workers that
isn't just focused on work.

~~~
kossae
The fact that the founders are involved as well is awesome. I'd say it really
humanizes them in an environment where upper-level management could seem
unreachable or distant.

------
madmax108
> TL;DR: Don't Travel With Work Data

> If you don't need your work laptop (or tablet/phone), don't bring it with
> you!

> Wipe company data from your phone before crossing the border. Restore it
> afterward.

I've heard this advice quite a few times in recent times. Wonder how useful
advice like this (and the implications of this) actually is.

~~~
tptacek
Can you rephrase the question? What are you wondering?

~~~
madmax108
How useful is it to clean all my work data every time before crossing the
border? And if I'm asked why there's no data on my system, should I say I
wiped it clean? or that it's a new system? or that it's a personal system?

~~~
yebyen
If you find yourself in the position of answering why there's no data on the
system, I think you'd already know the answer.

It takes a pretty invasive search to come to that conclusion. (Unless your
definition of wipe is like, cat /dev/zero >/dev/sda, in which case they'd
probably ask why it doesn't work pretty shortly after asking you to turn it
on, and then you'd get to the conclusion fairly quickly.)

I've never had to deal with an invasive search like this but I've also never
gone through customs with a laptop, at all. I think this kind of policy
instruction is more useful as a way of simplifying the kinds of questions that
General Counsel has to answer, especially in a corporate environment where you
have a lot of (nerds) extremely privacy-conscious developers.

That eliminates a whole class of questions. "What should I do if I am asked to
unlock my computer by a customs agent?" Let them search anything they want to,
if they have legal authority to do it. "What if I have sensitive company data
on my work laptop and we've signed XYZ NDA with LMNO Company?" This question
and a whole host of related questions will never come up at all if there is a
policy against carrying any type of sensitive data through customs.

If you are an employee of such company and you have issues with this policy,
there is a pretty good chance it's because you aren't in the habit of keeping
great backups. So that's one more great reason for the company to have this
policy, as that's information that you'll want to become known and have
addressed some time well before it matters.

------
epsilongreedy
Is it just me or are their "real" benefits pretty poor?

Health Care: no vision, I assume no dental. 25% copay on the PPO is on the
higher end too, no?

401K: Not matching up to max. Certainly not all companies do, but still. I
guess it's rare for startups.

Equity pool: (1) What happens on year 6? You don't vest any more equity? (2)
This feels to me like it would not reward tenured employees as much. If you
joined the company at 10 people and it IPOs at 300, you would be diluted
significantly more than if you started with 1-2% of the company and diluted at
investment rounds (I know they don't like to take on investor money, but just
for comparison)

Seems like if you decide to work at Basecamp, you are trading some "real"
benefits for the unique company culture.

~~~
mahyarm
What is the difference between matching and just giving you more salary, which
you could put into your 401k? Does it enable you to put even more into your
401k tax free?

~~~
praneshp
You're limited to 18k a year, which many people probably hit.S So extra salary
would not help. That's one reason.

------
dceddia
I didn't know Basecamp was behind WeWorkRemotely.com. That's cool to learn.

Evidently, they also sold it off recently:
[https://github.com/basecamp/handbook/blob/master/product-
his...](https://github.com/basecamp/handbook/blob/master/product-
histories.md#weworkremotelycom)

------
AVTizzle
There's a few comments here pointing out their rules for wiping company data
from devices when traveling through customs.

As a frequent international traveler, I feel naive here... can anyone point
out any resources as to why this is best practice? What's on the line here,
and what's going on that we need to be aware of?

~~~
yebyen
Well it's probably a lot simpler than you think. If you carry it through
Customs then it is subject to search. If you don't carry it through Customs
then you can be searched, and you're not disclosing any proprietary company
data. Easy peasy.

For any company that has external NDA obligations, this seems like a no-
brainer to make legal compliance very easy. You don't want to disclose your
proprietary company data, well then make a policy that says don't put
proprietary company data in a position where it is likely to be subject to
legal searches without any strong requirement for a warrant (probably a very
short list of situations, maybe just when passing through Customs.) Now you
can sign NDAs and pass through customs too, and don't worry about any
potential that a conflict between the two could put you in a precarious legal
position.

Customs has very broad legal latitude to perform invasive searches on a whim.
(Here in the US, I don't think I even need to pass through customs to be
subjected to invasive searches like this when passing through an airport.)

~~~
amorphid
That makes Johnny Mnemonic sound a little less crazy.

------
laktek
Is there a similar publicly available product to Shipshape?
[https://github.com/basecamp/handbook/blob/master/our-
interna...](https://github.com/basecamp/handbook/blob/master/our-internal-
systems.md#shipshape)

------
nodesocket
Anybody else surprised that their billing and identity system[1] is publically
accessible (login required of course). Shouldn't this only be accessible
within a trusted zone (office/VPN)?

[1] [https://billing.37signals.com](https://billing.37signals.com)

~~~
jpalomaki
Not necessarily, Google is doing something similar:
[https://cloud.google.com/beyondcorp/](https://cloud.google.com/beyondcorp/)

And of course there's many companies who use Github and various other online
services for core activities.

------
krallja
Campfire seems missing from the Product Histories.

edit: filed
[https://github.com/basecamp/handbook/issues/11](https://github.com/basecamp/handbook/issues/11)

edit2: and it's fixed already

------
rahoulb
Everyone's going on about parental leave.

To me the big thing is 37 Signals spent years railing against companies with
their handbooks and written down procedures. Calling them rituals doesn't
change the fact that they have processes

------
josefresco
37receipts@gmail.com - is there any risk to putting information like this "out
there"?

Sounds like an invitation for a phishing attempt.

~~~
mtrpcic
I dont understand why they wouldn't do "receipts@37signals.com" and have it be
an email address that only accepts internal mail.

~~~
chatmasta
Because then every vendor looking at its CRM knows it just landed a whale of a
customer.

------
raja
What is ShipShape @ Basecamp that is mentioned in the getting started guide
regarding security protocol monitoring?

~~~
t3rabytes
Shipshape is just a security and config audit tool that ensures that you have
proper MacOS security settings (FileVault, proper password requirements,
Gatekeeper, SIP, etc.) and a few other things installed (1Password, etc.).

~~~
danielneri
Any publicly available equivalent tools?

~~~
hb3b
Puppet/Salt/Chef.

------
dginsburg
There has been little mention of the most amazing perk at Basecamp which are
the four day work weeks for four months of the year. This doesn't mean working
four days of ten hours each day. You work four normal, eight hour days and get
one day off.

------
famousactress
Is the sabbatical paid?

~~~
mr_ndrsn
Yes!

------
misiti3780
seems like it would be a pretty awesome company to work for.

~~~
mr_ndrsn
It is. We're hiring for Ops, too!

[https://m.signalvnoise.com/become-the-newest-member-of-
our-o...](https://m.signalvnoise.com/become-the-newest-member-of-our-ops-
team-d465e4232f3d)

Looking to spread our timezones a bit more, hoping to see lots of EU/Pac
applicants!

~~~
toomuchtodo
Looking at the job req, it mentions the expectation is for 5 minute response
times when you're on call (from alert to being online) and that you're on call
one week a month.

Is the compensation provided in line with essentially working 24 hours a day
for a week once per month?

[https://basecamp.workable.com/j/A5A189B311](https://basecamp.workable.com/j/A5A189B311)

"We have a shared on call responsibility which is about 1 week (5 week days,
and 2 weekend days) a month. (The responsibility means you'll be online within
5 minutes of receiving an alert.) We constantly work on making the on call
responsibility as calm as we can. We try to finish what we start vs leaving it
for someone else to clean up. When there is a code red event (like a site
outage), we all pitch in to help until we are sailing on calmer seas again."

~~~
themcgruff
(I run our Ops team.) The time burden goes down with the more people we have.
It's still a burden though -- and our compensation (in theory) reflects that.

FWIW We're doing everything we can to make this "work hours only" M-F, which
we could solve by hiring tons of people immediately, but we also have other
ideals like keeping the company as small as possible that we want to realize
too.

There's an open and ongoing discussion about making improvements in this area
and I'm thankful that David and Jason have been receptive to many of the
suggestions I, or anyone else on our team has had.

My personal stance is that we should do everything we can to give Ops a 40
hour work week that's during regular working hours and no more, even if that
means people get cut a lot of extra slack to recover after a late night page,
etc. (Hopefully our team would back me up in saying I encourage people to take
reasonable time to make up "lost" hours.)

(Also fwiw, I participate equally in the on call rotations.)

~~~
dsr_
So you've got 6 people and want to have 8.

There's a big problem with being on call for one week out of 6 or 8: you lose
touch with the procedures. Sure, your four year veterans know everything by
heart - but the first few shifts of a newbie are going to be perilous. I
recommend making the shifts shorter and more frequent.

Presumably one person is on-call and everyone else can be called in / woken up
as necessary. So - split each day into two halves, and ask people to be on-
call for a 12 hour period.

Rotate the roster around so that Jane doesn't always have the same Friday-
afternoon shift, nobody has 2 shifts in a row, and put it in a shared calendar
so you can always see who has the watch.

With 6 people, you'll take 2 and a seventh shifts per week. At 7, it's an even
2 shifts per week.

Benefits:

\- much less of a burden that a whole week of readiness

\- brains work better when they haven't been pummeled for a week at a time (at
least, mine does)

\- easily scales fairly when you have more people, or when someone leaves, but
keeps everyone in the loop. When you have 14 people in Ops, you only have one
shift a week, but you get one every week.

\- much more family-friendly

OK, why 2 12 hour periods instead of splitting the day into 8, 6 or 4? Because
people lose track too easily. Trying to schedule around your kid's concert or
music lessons with smaller chunks is hard to keep in your head - and trying to
work that in with a one week shift is nigh-impossible.

Why not a 24 hour shift? Because it's really hard to recover from that. Humans
are generally awake for about 15-17 hours a day. Shifting a few hours is
generally doable.

I would recommend that for anyone who took an alert call during non-core
hours, you automatically expect them to take the next normal day to recover. I
know that when I get woken up at 4AM, I'll run out of steam by 2 or 3PM.

