CatchApp Bookings is an intuitive scheduling tool made for professionals, to save time.
CatchApp Bookings is an intuitive scheduling tool that allows you to create an online bookable calendar to allow your clients to self-book appointments, or for you to share as you wish to schedule meetings.
Allow your clients to book appointments on your own personalised online Bookings page, which can be shared in seconds over SMS, Email, social media and even embedded online.
Works seamlessly with monday.com, allowing you to manage all your appointments from one single source of truth! (And over 5000 other apps)
Improve attendance with built-in reminders - Emails and text reminders (SMS) - always keep your clients (and you) informed on upcoming appointments, reducing no-shows massively.
Invite your team to share the productivity across all appointments using our Corporate Accounts feature, enabling you to share CatchApp Bookings to multiple users.
Does the developer periodically perform penetration testing?
Not answered
Does the developer have a dedicated security and privacy point of contact for such issues or questions?
Not answered
Does the app restrict redirects and forwards only to approved destinations, or show a warning when redirecting to potentially untrusted content?
No
Users manage their own bookings pages, so we do not generally expect them to see any external user-generated redirects. Hyperlinks are not allowed on the client booking pages, so no one can add external links on these pages.
Does the app protect against mass parameter assignment attacks?
Yes
Mass parameter assignment attacks are protected against by following best practices similar to the linked guide. Objects are restricted by authentication tokens that only have the required access level for the task.
Does the app perform encoding and sanitization on all user supplied parameters to protect against Cross-Site Scripting?
Yes
XSS encoding and sanitisation is performed through our web framework and careful handling of user-supplied data.
Does the developer protect all state-changing actions against Cross-Site Request Forgery (CSRF)?
Yes
We use CSRF tokens to validate all requests.
Does the developer have mechanisms to notify monday.com in case of a security breach?
Yes
In case of a security breach, we would notify monday.com by email as soon as we are aware of the scope of the breach, and would also contact our monday.com contacts directly via monday.com. In addition, we are connected to the London team, and would give them a call to ensure speedy communication.
Does this developer have a process for installing application-level updates and security patches for the service (such as software packages and databases)?
Yes
Critical patches are installed as soon as we are aware of the issue High vulnerabilities we aim to address within a week Medium within a month Low within a quarter
Compliance
Is the app certified with the information security standard ISO/IEC 27001:2022?
Not answered
Is the app compliant with the Health Insurance Portability and Accountability Act (HIPAA)?
Not answered
Is the app certified with System and Organization Controls (SOC 2 or SOC 3)?
Not answered
Is the app compliant with the General Data Protection Regulation (GDPR)?
Not answered
Data
Does the app send any data outside of monday.com? If yes, indicate whether the data is customer-submitted (e.g., board names, item names, doc content) or non-customer-submitted (e.g., account ID, board ID, user ID).
Not answered
Where does the app store logs data?
Not answered
Where does the app store the app data?
Not answered
Does the developer ensure application logs do not contain secrets or personally-identifiable information (PII)?
Yes
Logs are restricted to limited parameters following best practices (similar to the linked guide) and are rotated daily.
Is customer data segregated from the data of other customers (for example logically or physically)?
Yes
Data is separated logically using authentication tokens to restrict access. Tokens are generated for user’s mobile numbers, meaning that they cannot see other users’ appointments without physical access to their mobile.
Privacy
Does the developer enforce multi-factor authentication on employees access to systems which may process customer data?
Yes
Authentication for accessing systems that process/hold customer data is done through both a password and a private key
Does the developer protect access to customer data based on the principle of least privilege?
Yes
Only the CTO has full access to the data, which requires an encrypted key and secure connection.
Reviews
March 9, 2023
TB: the app was written by a third grader in a 1994. terrible.
Installation history
We have data for December 28, 2024 onwards only. Collected sometime after 00:00 UTC daily.
{
"id": 100000002,
"description": "<p><a href=\"https://blog.catchapp.mobi/catchapp-scheduling-genius-0\" rel=\"noopener noreferrer\" target=\"_blank\"><strong>CatchApp Bookings</strong></a> is an intuitive scheduling tool that allows you to create an online bookable calendar to allow your clients to self-book appointments, or for you to share as you wish to schedule meetings.</p><p><br></p><p>Allow your clients to book appointments on your own personalised online Bookings page, which can be <a href=\"https://blog.catchapp.mobi/fire-and-forget-link-sharing\" rel=\"noopener noreferrer\" target=\"_blank\">shared in seconds</a> over SMS, Email, social media and even embedded online.</p><p><br></p><p><em>Works seamlessly with monday.com, allowing you to </em><a href=\"https://blog.catchapp.mobi/managing-your-time-on-monday.com\" rel=\"noopener noreferrer\" target=\"_blank\"><em>manage all your appointments</em></a><em> from one single source of truth! (And over 5000 other apps)</em></p><p><br></p><p><a href=\"https://blog.catchapp.mobi/sync-up-two-way-sync\" rel=\"noopener noreferrer\" target=\"_blank\">Powerful 2-way sync with all major calendars</a> - Google, Microsoft, and Apple - meaning you’ll never need to worry about getting double-booked again!</p><p><br></p><p><a href=\"https://blog.catchapp.mobi/reducing-no-shows-with-email-and-text-reminders\" rel=\"noopener noreferrer\" target=\"_blank\">Improve attendance with built-in reminders</a> - Emails and text reminders (SMS) - always keep your clients (and you) informed on upcoming appointments, reducing no-shows massively.</p><p><br></p><p><a href=\"https://blog.catchapp.mobi/appointments-with-video-conferencing\" rel=\"noopener noreferrer\" target=\"_blank\">Link up with your favourite video conferencing tools</a> - Zoom, Google Meet, Microsoft Teams - and connect to monday.com: the only scheduler integrated.</p><p><br></p><p>Invite your team to share the productivity across all appointments using our <a href=\"https://blog.catchapp.mobi/corporate-accounts\" rel=\"noopener noreferrer\" target=\"_blank\">Corporate Accounts</a> feature, enabling you to share CatchApp Bookings to multiple users.</p><p><br></p><p><a href=\"https://catchapp.co/u/danieltruman/demo\" rel=\"noopener noreferrer\" target=\"_blank\">Scheduling Genius</a> - <a href=\"https://app.catchapp.mobi/sign-up\" rel=\"noopener noreferrer\" target=\"_blank\">Join today, Schedule without limits!</a></p>",
"short_description": "CatchApp Bookings is an intuitive scheduling tool made for professionals, to save time.",
"compliance_answers": [
{
"questionId": 1,
"shortAnswer": true,
"detailedAnswer": "Data is separated logically using authentication tokens to restrict access. Tokens are generated for user’s mobile numbers, meaning that they cannot see other users’ appointments without physical access to their mobile.\n"
},
{
"questionId": 2,
"detailedAnswer": "Critical patches are installed as soon as we are aware of the issue\nHigh vulnerabilities we aim to address within a week\nMedium within a month\nLow within a quarter",
"shortAnswer": true
},
{
"questionId": 3,
"detailedAnswer": "In case of a security breach, we would notify monday.com by email as soon as we are aware of the scope of the breach, and would also contact our monday.com contacts directly via monday.com. In addition, we are connected to the London team, and would give them a call to ensure speedy communication.\n",
"shortAnswer": true
},
{
"detailedAnswer": "We use CSRF tokens to validate all requests.\n",
"questionId": 4,
"shortAnswer": true
},
{
"detailedAnswer": "XSS encoding and sanitisation is performed through our web framework and careful handling of user-supplied data.\n",
"shortAnswer": true,
"questionId": 5
},
{
"questionId": 6,
"shortAnswer": true,
"detailedAnswer": "Only the CTO has full access to the data, which requires an encrypted key and secure connection.\n"
},
{
"questionId": 7,
"detailedAnswer": "Authentication for accessing systems that process/hold customer data is done through both a password and a private key\n",
"shortAnswer": true
},
{
"detailedAnswer": "Logs are restricted to limited parameters following best practices (similar to the linked guide) and are rotated daily.\n",
"shortAnswer": true,
"questionId": 8
},
{
"questionId": 9,
"detailedAnswer": "Mass parameter assignment attacks are protected against by following best practices similar to the linked guide. Objects are restricted by authentication tokens that only have the required access level for the task.\n",
"shortAnswer": true
},
{
"questionId": 10,
"detailedAnswer": "Users manage their own bookings pages, so we do not generally expect them to see any external user-generated redirects. Hyperlinks are not allowed on the client booking pages, so no one can add external links on these pages.",
"shortAnswer": false
}
],
"badges_data": {
"pricing_data": "14 days trial",
"display_in_template_store": true,
"acquisition_source": "Existing legacy",
"app_values": [
"Built for scalability"
]
},
"data": {
"is_connector": true
},
"keywords": "Bookings,Schedule,Appointments,Calendar,Appointments,Meetings,scheduler,Productivity,Calendly,Outreach,Acuity,calendar,scheduling",
"thumbnail_url": "https://dapulse-res.cloudinary.com/image/upload/v1625149645/monday-apps-marketplace/Catchapp%20Bookings/Monday-CatchApp_CardImage_592x348px_1.png",
"logo_url": "https://dapulse-res.cloudinary.com/image/upload/v1625149643/monday-apps-marketplace/Catchapp%20Bookings/Monday-CatchAppIcon_192px_1.png",
"feedback_url": "[email protected]",
"privacy_policy_url": "https://catchapp.mobi/privacy/",
"external_pricing_url": "https://catchapp.mobi/pricing",
"featured": null,
"security": null,
"display_in_template_store": true,
"acquisition_source": "Existing legacy",
"terms_of_service_url": null,
"label": null,
"app_values": [
"Built for scalability"
],
"security_info": null,
"gallery_assets": [
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1627213315/monday-apps-marketplace/Catchapp%20Bookings/1-CatchApp.png"
},
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1627213317/monday-apps-marketplace/Catchapp%20Bookings/2-CatchApp.png"
},
{
"type": "image",
"url": "https://dapulse-res.cloudinary.com/image/upload/v1627213319/monday-apps-marketplace/Catchapp%20Bookings/3-CatchApp.png"
},
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1627213320/monday-apps-marketplace/Catchapp%20Bookings/4-CatchApp.png"
},
{
"type": "video",
"url": "https://dapulse-res.cloudinary.com/video/upload/v1627893497/monday-apps-marketplace/Catchapp%20Bookings/CatchApp_monday.com_Integration-new.V3mov.mov"
}
],
"pricing_data": "14 days trial",
"marketplace_developer_id": 100000002,
"app_id": 41795,
"marketplace_category_ids": [
8,
6,
5
],
"name": "CatchApp Bookings",
"app_scope_str": "boards:write,boards:read,me:read",
"app_client_id": "812f667f47b07b3fc3e744e31899c3ed",
"app_color": {
"hsl": {
"h": 0,
"s": 0,
"l": 1,
"a": 1
},
"hex": "#ffffff",
"rgb": {
"r": 255,
"g": 255,
"b": 255,
"a": 1
},
"hsv": {
"h": 0,
"s": 0,
"v": 1,
"a": 1
},
"oldHue": 0,
"source": "hex"
},
"created_at": "2021-07-01T14:35:53.000Z",
"updated_at": "2024-10-13T08:07:36.740Z",
"how_to_use_url": "https://i.catchapp.mobi/monday.com",
"automation_app_id": null,
"plans": null,
"featured_for_categories_ids": [],
"pinned_for_categories_ids": [],
"pricing_model": null,
"app_type": null,
"display": null,
"is_connector": true,
"google_analytics_tag_id": null,
"app_live_version": {
"updated_at": "2024-06-04T08:37:52Z",
"id": 10206183
},
"is_solution": null,
"available_for_tiers": null,
"available_for_products": null
}
