All data is encrypted in-transit and at-rest, as per the industry standard. End-to-end encryption is an interesting feature with obvious extended privacy benefits on one hand, that could prevent a system from providing other features on the other hand. Depending on the requirement for end-to-end encryption, in some instances a custom NDA can be signed to mitigate a specific concern. It's a feature we haven't seen much demand for, but if that changes we may prioritize it higher on the road map. Would you mind sharing your use case or concern?
I think the question is "can any one outside my company/org access my code". Apparently it is because the tool offers cloud collaboration using web UI.
If you share your repository with a collaborator, they can access it of course. Same is true if you share your repository with end-to-end encryption, your collaborator should be able to decrypt and use it.
Good question! End-to-end encryption would mean that you can't run cloud CI or merge conflicts in the cloud and other features. To my knowledge none of existing VCS solutions are end-to-end encrypted (I might be wrong though!)
We might add end-to-end encryption in the future (disabling some capabilities), if there's demand for it.