With Google Forms Embedded, you can now collaborate in one single place on both Google Forms and your monday.com account and get the big picture of everything.
• Embed Google Forms in your board views
• Embed Google Forms into your item views
• Embed Google Forms to enhance dashboards and workdocs
Security & Compliance
Security
Does the developer periodically perform penetration testing?
Not answered
Does the developer have a dedicated security and privacy point of contact for such issues or questions?
Not answered
Does the app restrict redirects and forwards only to approved destinations, or show a warning when redirecting to potentially untrusted content?
Yes
The app does not redirect anywhere and no forwards are permitted.
Does the app protect against mass parameter assignment attacks?
No
n/a
Does the app perform encoding and sanitization on all user supplied parameters to protect against Cross-Site Scripting?
Yes
Most if not all of our apps use monday.com app settings or board item columns to store data such as URLs for embedding external URLs. As such, we cannot sanitise the data stored in monday.com (even though monday.com will do some of this). We do however ensure that all data is sanitised before accepting it’s use in our apps. An example of this is the URL checking logic: ``` const isUrl = (url) => { try { new URL(url); // trigger catch exception for invalid URLs return true; } catch (e) { return false; } }; ```
Does the developer protect all state-changing actions against Cross-Site Request Forgery (CSRF)?
No
n/a
Does the developer have mechanisms to notify monday.com in case of a security breach?
Yes
Initial notification would be an email to [email protected]. Subsequently we will follow the process described at:https://dsapps.atlassian.net/wiki/spaces/SEC/pages/4800970753
Does this developer have a process for installing application-level updates and security patches for the service (such as software packages and databases)?
Yes
Our security bugfix policies including patching times are published here: https://dsapps.dev/policies/security-bugfix/ In reality, our fix times are much quicker than the published timeframes: Critical severity bugs (CVSS v2 score >= 8, CVSS v3 score >= 9) are normally fixed within 2 weeks High severity bugs (CVSS v2 score >= 6, CVSS v3 score >= 7) are normally fixed within 3 weeks Medium severity bugs (CVSS v2 score >~= 3, CVSS v3 score >= 4) are normally fixed within 4 weeks
Compliance
Is the app certified with the information security standard ISO/IEC 27001:2022?
Not answered
Is the app compliant with the Health Insurance Portability and Accountability Act (HIPAA)?
Not answered
Is the app certified with System and Organization Controls (SOC 2 or SOC 3)?
Not answered
Is the app compliant with the General Data Protection Regulation (GDPR)?
Not answered
Data
Does the app send any data outside of monday.com? If yes, indicate whether the data is customer-submitted (e.g., board names, item names, doc content) or non-customer-submitted (e.g., account ID, board ID, user ID).
Not answered
Where does the app store logs data?
Not answered
Where does the app store the app data?
Not answered
Does the developer ensure application logs do not contain secrets or personally-identifiable information (PII)?
Yes
This app is static HTML, so the only logs collected are access logs (which contain no secrets or PII) and analytics (we ensure that no secrets or PII are sent to analytics).
Is customer data segregated from the data of other customers (for example logically or physically)?
Yes
No customer data is stored by us at all. All data is stored in monday.com settings or storage, so will be segregated by being in separate monday.com instances.
Privacy
Does the developer enforce multi-factor authentication on employees access to systems which may process customer data?
Yes
Multi-factor authentication is enforced for all company systems. All systems require multi-factor authentication using an authenticator app.
Does the developer protect access to customer data based on the principle of least privilege?
Yes
Only company employees who need the data have access to it. We rely on the principle of least privilege for all systems in our company. It you do not need access, you do not have access. Access is monitored regularly and privileges revoked.
Reviews
No reviews yet.
Installation history
We have data for December 28, 2024 onwards only. Collected sometime after 00:00 UTC daily.
{
"id": 10000073,
"description": "<p><strong>Effortlessly embed Google Forms in monday.com.</strong></p><p><br></p><p>With <strong>Google Forms Embedded</strong>, you can now collaborate in one single place on both Google Forms and your monday.com account and get the big picture of everything. </p><p><br></p><p>• Embed Google Forms in your board views</p><p>• Embed Google Forms into your item views</p><p>• Embed Google Forms to enhance dashboards and workdocs</p>",
"short_description": "Effortlessly embed Google Forms in monday.com.\n",
"compliance_answers": [
{
"questionId": 1,
"shortAnswer": true,
"detailedAnswer": "No customer data is stored by us at all.\n\nAll data is stored in monday.com settings or storage, so will be segregated by being in separate monday.com instances.\n"
},
{
"questionId": 2,
"shortAnswer": true,
"detailedAnswer": "Our security bugfix policies including patching times are published here: https://dsapps.dev/policies/security-bugfix/ \n\nIn reality, our fix times are much quicker than the published timeframes:\n\nCritical severity bugs (CVSS v2 score >= 8, CVSS v3 score >= 9) are normally fixed within 2 weeks\n\nHigh severity bugs (CVSS v2 score >= 6, CVSS v3 score >= 7) are normally fixed within 3 weeks\n\nMedium severity bugs (CVSS v2 score >~= 3, CVSS v3 score >= 4) are normally fixed within 4 weeks"
},
{
"questionId": 3,
"shortAnswer": true,
"detailedAnswer": "Initial notification would be an email to [email protected].\n\nSubsequently we will follow the process described at:https://dsapps.atlassian.net/wiki/spaces/SEC/pages/4800970753\n"
},
{
"questionId": 4,
"shortAnswer": false,
"detailedAnswer": "n/a"
},
{
"questionId": 5,
"shortAnswer": true,
"detailedAnswer": "Most if not all of our apps use monday.com app settings or board item columns to store data such as URLs for embedding external URLs. As such, we cannot sanitise the data stored in monday.com (even though monday.com will do some of this).\n\nWe do however ensure that all data is sanitised before accepting it’s use in our apps.\n\nAn example of this is the URL checking logic:\n\n```\nconst isUrl = (url) => {\n try {\n new URL(url); // trigger catch exception for invalid URLs \n return true;\n } catch (e) {\n return false;\n }\n};\n```\n"
},
{
"questionId": 6,
"detailedAnswer": "Only company employees who need the data have access to it.\n\nWe rely on the principle of least privilege for all systems in our company. It you do not need access, you do not have access. Access is monitored regularly and privileges revoked.",
"shortAnswer": true
},
{
"questionId": 7,
"shortAnswer": true,
"detailedAnswer": "Multi-factor authentication is enforced for all company systems.\n\nAll systems require multi-factor authentication using an authenticator app."
},
{
"questionId": 8,
"shortAnswer": true,
"detailedAnswer": "This app is static HTML, so the only logs collected are access logs (which contain no secrets or PII) and analytics (we ensure that no secrets or PII are sent to analytics)."
},
{
"questionId": 9,
"shortAnswer": false,
"detailedAnswer": "n/a"
},
{
"questionId": 10,
"shortAnswer": true,
"detailedAnswer": "The app does not redirect anywhere and no forwards are permitted.\n"
}
],
"badges_data": {
"pricing_data": "14 days trial",
"acquisition_source": "Existing legacy",
"app_values": [
"Centralize your work on monday.com"
]
},
"data": {
"google_analytics_tag_id": "G-4BJTWRJGFL"
},
"keywords": " embed ,forms,google ",
"thumbnail_url": "https://dapulse-res.cloudinary.com/image/upload/v1656948382/monday-apps-marketplace/Google%20Forms%20Embedded/google-forms-app-card.png",
"logo_url": "https://dapulse-res.cloudinary.com/image/upload/v1656948380/monday-apps-marketplace/Google%20Forms%20Embedded/google-forms-app-icon-blue.png",
"feedback_url": "https://dsapps.atlassian.net/servicedesk/customer/portals",
"privacy_policy_url": "https://dsapps.dev/data-security-privacy/",
"external_pricing_url": "https://dsapps.dev/products/google-forms-in-monday-dot-com/pricing",
"featured": null,
"security": null,
"display_in_template_store": null,
"acquisition_source": "Existing legacy",
"terms_of_service_url": null,
"label": null,
"app_values": [
"Centralize your work on monday.com"
],
"security_info": null,
"gallery_assets": [
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1656948363/monday-apps-marketplace/Google%20Forms%20Embedded/google-forms-gallery-image-1.png"
},
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1656948364/monday-apps-marketplace/Google%20Forms%20Embedded/google-forms-gallery-image-2.png"
},
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1656948362/monday-apps-marketplace/Google%20Forms%20Embedded/google-forms-gallery-image-3.png"
},
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1656948365/monday-apps-marketplace/Google%20Forms%20Embedded/google-forms-gallery-image-4.png"
}
],
"pricing_data": "14 days trial",
"marketplace_developer_id": 10000034,
"app_id": 10028084,
"marketplace_category_ids": [
6,
4
],
"name": "Google Forms Embedded",
"app_scope_str": "boards:read,me:read,account:read",
"app_client_id": "0710ba373758b97b07d86a6067202c2b",
"app_color": {
"hsl": {
"h": 216.36363636363632,
"s": 0.7333333333333335,
"l": 0.9117647058823529,
"a": 1
},
"hex": "#d8e5f9",
"rgb": {
"r": 216,
"g": 229,
"b": 249,
"a": 1
},
"hsv": {
"h": 216.36363636363632,
"s": 0.1325301204819277,
"v": 0.9764705882352941,
"a": 1
},
"oldHue": 220.61538461538458,
"source": "hex"
},
"created_at": "2022-07-04T15:31:45.404Z",
"updated_at": "2024-11-07T12:46:32.808Z",
"how_to_use_url": "",
"automation_app_id": null,
"plans": [
{
"id": "10028084-1-up_to_2",
"appId": 10028084,
"appPlanId": "up_to_2",
"versionId": 1,
"versionState": "live",
"name": "Couples",
"description": "Free for up to 2 team members. This plan comes without support.",
"extraData": {
"bullets": [],
"monthlyFee": 0,
"yearlyFee": 0,
"maxSeats": 2
},
"isTrial": false,
"isRecommended": false,
"isFree": true,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 0,
"yearly": 0,
"maxSeats": 2
}
},
{
"id": "10028084-1-up_to_3",
"appId": 10028084,
"appPlanId": "up_to_3",
"versionId": 1,
"versionState": "live",
"name": "Up to 3 seats",
"description": "Use the app without any limitations for up to 3 team members.",
"extraData": {
"bullets": [],
"monthlyFee": 3,
"yearlyFee": 2.7,
"maxSeats": 3
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 3,
"yearly": 2.7,
"maxSeats": 3
}
},
{
"id": "10028084-1-up_to_5",
"appId": 10028084,
"appPlanId": "up_to_5",
"versionId": 1,
"versionState": "live",
"name": "Up to 5 seats",
"description": "Use the app without any limitations for up to 5 team members.",
"extraData": {
"bullets": [],
"monthlyFee": 5,
"yearlyFee": 4.5,
"maxSeats": 5
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 5,
"yearly": 4.5,
"maxSeats": 5
}
},
{
"id": "10028084-1-up_to_10",
"appId": 10028084,
"appPlanId": "up_to_10",
"versionId": 1,
"versionState": "live",
"name": "Up to 10 seats",
"description": "Use the app without any limitations for up to 10 team members.",
"extraData": {
"bullets": [],
"monthlyFee": 10,
"yearlyFee": 9,
"maxSeats": 10
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 10,
"yearly": 9,
"maxSeats": 10
}
},
{
"id": "10028084-1-up_to_20",
"appId": 10028084,
"appPlanId": "up_to_20",
"versionId": 1,
"versionState": "live",
"name": "Up to 20 seats",
"description": "Use the app without any limitations for up to 20 team members.",
"extraData": {
"bullets": [],
"monthlyFee": 20,
"yearlyFee": 18,
"maxSeats": 20
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 20,
"yearly": 18,
"maxSeats": 20
}
},
{
"id": "10028084-1-up_to_50",
"appId": 10028084,
"appPlanId": "up_to_50",
"versionId": 1,
"versionState": "live",
"name": "Up to 50 seats",
"description": "Use the app without any limitations for up to 50 team members.",
"extraData": {
"bullets": [],
"monthlyFee": 40,
"yearlyFee": 36,
"maxSeats": 50
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 40,
"yearly": 36,
"maxSeats": 50
}
},
{
"id": "10028084-1-up_to_100",
"appId": 10028084,
"appPlanId": "up_to_100",
"versionId": 1,
"versionState": "live",
"name": "Up to 100 seats",
"description": "Use the app without any limitations for up to 100 team members.",
"extraData": {
"bullets": [],
"monthlyFee": 60,
"yearlyFee": 54,
"maxSeats": 100
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 60,
"yearly": 54,
"maxSeats": 100
}
},
{
"id": "10028084-1-up_to_200",
"appId": 10028084,
"appPlanId": "up_to_200",
"versionId": 1,
"versionState": "live",
"name": "Up to 200 seats",
"description": "Use the app without any limitations for up to 200 team members.",
"extraData": {
"bullets": [],
"monthlyFee": 100,
"yearlyFee": 90,
"maxSeats": 200
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 100,
"yearly": 90,
"maxSeats": 200
}
},
{
"id": "10028084-1-up_to_400",
"appId": 10028084,
"appPlanId": "up_to_400",
"versionId": 1,
"versionState": "live",
"name": "Up to 400 seats",
"description": "Use the app without any limitations for up to 400 team members.",
"extraData": {
"bullets": [],
"monthlyFee": 150,
"yearlyFee": 135,
"maxSeats": 400
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 150,
"yearly": 135,
"maxSeats": 400
}
},
{
"id": "10028084-1-more_than_400",
"appId": 10028084,
"appPlanId": "more_than_400",
"versionId": 1,
"versionState": "live",
"name": "More than 400 seats",
"description": "Use the app without any limitations for more than 400 team members.",
"extraData": {
"bullets": [],
"monthlyFee": 200,
"yearlyFee": 180,
"maxSeats": 1000000
},
"isTrial": true,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 200,
"yearly": 180,
"maxSeats": 1000000
}
}
],
"featured_for_categories_ids": [],
"pinned_for_categories_ids": [],
"pricing_model": "seat_based",
"app_type": null,
"display": null,
"is_connector": null,
"google_analytics_tag_id": "G-4BJTWRJGFL",
"app_live_version": {
"updated_at": "2024-03-24T08:45:17Z",
"id": 10052467
},
"is_solution": null,
"available_for_tiers": null,
"available_for_products": null
}
