Microsoft Forms Embedded

David Simpson Apps Silver•

2,514 installs, since July 4, 2022. 69 installs/month. Updated March 24, 2024.

14 days trial Existing legacy

Marketing

View on Marketplace

Effortlessly embed Microsoft Forms in monday.com.

Effortlessly embed Microsoft Forms in monday.com.

With Microsoft Forms Embedded, you can now collaborate in one single place on both Microsoft Forms and your monday.com account and get the big picture of everything.

• Embed Microsoft Forms in your board views

• Embed Microsoft Forms into your item views

• Embed Microsoft Forms to enhance dashboards and workdocs

Security & Compliance

Security

Does the developer periodically perform penetration testing?

Yes

Does the developer have a dedicated security and privacy point of contact for such issues or questions?

Yes

[email protected]

Does the app restrict redirects and forwards only to approved destinations, or show a warning when redirecting to potentially untrusted content?

Yes

The app does not redirect anywhere and no forwards are permitted.

Does the app protect against mass parameter assignment attacks?

n/a

Does the app perform encoding and sanitization on all user supplied parameters to protect against Cross-Site Scripting?

Yes

Most if not all of our apps use monday.com app settings or board item columns to store data such as URLs for embedding external URLs. As such, we cannot sanitise the data stored in monday.com (even though monday.com will do some of this). We do however ensure that all data is sanitised before accepting it’s use in our apps. An example of this is the URL checking logic: ``` const isUrl = (url) => { try { new URL(url); // trigger catch exception for invalid URLs return true; } catch (e) { return false; } }; ```

Does the developer protect all state-changing actions against Cross-Site Request Forgery (CSRF)?

n/a

Does the developer have mechanisms to notify monday.com in case of a security breach?

Yes

Initial notification would be an email to [email protected]. Subsequently we will follow the process described at:https://dsapps.atlassian.net/wiki/spaces/SEC/pages/4800970753

Does this developer have a process for installing application-level updates and security patches for the service (such as software packages and databases)?

Yes

Our security bugfix policies including patching times are published here:https://dsapps.dev/policies/security-bugfix/ In reality, our fix times are much quicker than the published timeframes: Critical severity bugs (CVSS v2 score >= 8, CVSS v3 score >= 9) are normally fixed within 2 weeks High severity bugs (CVSS v2 score >= 6, CVSS v3 score >= 7) are normally fixed within 3 weeks Medium severity bugs (CVSS v2 score >~= 3, CVSS v3 score >= 4) are normally fixed within 4 weeks

Compliance

Is the app certified with the information security standard ISO/IEC 27001:2022?

Not answered

Is the app compliant with the Health Insurance Portability and Accountability Act (HIPAA)?

Yes

Is the app certified with System and Organization Controls (SOC 2 or SOC 3)?

Not answered

Is the app compliant with the General Data Protection Regulation (GDPR)?

Yes

Data

Does the app send any data outside of monday.com? If yes, indicate whether the data is customer-submitted (e.g., board names, item names, doc content) or non-customer-submitted (e.g., account ID, board ID, user ID).

Where does the app store logs data?

aws

Where does the app store the app data?

monday

Does the developer ensure application logs do not contain secrets or personally-identifiable information (PII)?

Yes

This app is static HTML, so the only logs collected are access logs (which contain no secrets or PII) and analytics (we ensure that no secrets or PII are sent to analytics).

Is customer data segregated from the data of other customers (for example logically or physically)?

Yes

No customer data is stored by us. All data is stored in monday.com settings or storage.

Privacy

Does the developer enforce multi-factor authentication on employees access to systems which may process customer data?

Yes

Multi-factor authentication is enforced for all company systems. All systems require multi-factor authentication using an authenticator app.

Does the developer protect access to customer data based on the principle of least privilege?

Yes

Only company employees who need the data have access to it. We rely on the principle of least privilege for all systems in our company. It you do not need access, you do not have access. Access is monitored regularly and privileges revoked.

Reviews

August 10, 2022

ZV: Cool app!

Installation history

We have data for December 28, 2024 onwards only. Collected sometime after 00:00 UTC daily.

ID: 10000074 • App ID: 10027895 • Listing updated: January 19, 2025

{
  "id": 10000074,
  "description": "<p><strong>Effortlessly embed Microsoft Forms in monday.com.</strong></p><p><br></p><p>With <strong>Microsoft Forms Embedded</strong>, you can now collaborate in one single place on both Microsoft Forms and your monday.com account and get the big picture of everything.&nbsp;</p><p><br></p><p>• Embed Microsoft Forms in your board views</p><p>• Embed Microsoft Forms into your item views</p><p>• Embed Microsoft Forms to enhance dashboards and workdocs</p>",
  "short_description": "Effortlessly embed Microsoft Forms in monday.com.",
  "compliance_answers": [
    {
      "questionId": 19,
      "shortAnswer": false,
      "detailedAnswer": ""
    },
    {
      "questionId": 18,
      "logHostingProvider": "aws",
      "detailedAnswer": ""
    },
    {
      "questionId": 17,
      "dataHostingProvider": "monday",
      "detailedAnswer": ""
    },
    {
      "questionId": 15,
      "shortAnswer": true,
      "detailedAnswer": ""
    },
    {
      "questionId": 14,
      "shortAnswer": true,
      "detailedAnswer": "[email protected]"
    },
    {
      "questionId": 13,
      "shortAnswer": true,
      "detailedAnswer": ""
    },
    {
      "questionId": 11,
      "shortAnswer": true,
      "detailedAnswer": ""
    },
    {
      "questionId": 10,
      "shortAnswer": true,
      "detailedAnswer": "The app does not redirect anywhere and no forwards are permitted."
    },
    {
      "questionId": 9,
      "shortAnswer": false,
      "detailedAnswer": "n/a"
    },
    {
      "questionId": 8,
      "shortAnswer": true,
      "detailedAnswer": "This app is static HTML, so the only logs collected are access logs (which contain no secrets or PII) and analytics (we ensure that no secrets or PII are sent to analytics)."
    },
    {
      "questionId": 7,
      "shortAnswer": true,
      "detailedAnswer": "Multi-factor authentication is enforced for all company systems.\n\nAll systems require multi-factor authentication using an authenticator app.\n"
    },
    {
      "questionId": 6,
      "shortAnswer": true,
      "detailedAnswer": "Only company employees who need the data have access to it.\n\nWe rely on the principle of least privilege for all systems in our company. It you do not need access, you do not have access. Access is monitored regularly and privileges revoked."
    },
    {
      "questionId": 5,
      "shortAnswer": true,
      "detailedAnswer": "Most if not all of our apps use monday.com app settings or board item columns to store data such as URLs for embedding external URLs. As such, we cannot sanitise the data stored in monday.com (even though monday.com will do some of this).\n\nWe do however ensure that all data is sanitised before accepting it’s use in our apps.\n\nAn example of this is the URL checking logic:\n\n```\nconst isUrl = (url) => {\n  try {\n    new URL(url); // trigger catch exception for invalid URLs \n    return true;\n  } catch (e) {\n    return false;\n  }\n};\n```\n"
    },
    {
      "questionId": 4,
      "shortAnswer": false,
      "detailedAnswer": "n/a"
    },
    {
      "questionId": 3,
      "shortAnswer": true,
      "detailedAnswer": "Initial notification would be an email to [email protected].\n\nSubsequently we will follow the process described at:https://dsapps.atlassian.net/wiki/spaces/SEC/pages/4800970753\n"
    },
    {
      "questionId": 2,
      "shortAnswer": true,
      "detailedAnswer": "Our security bugfix policies including patching times are published here:https://dsapps.dev/policies/security-bugfix/ \n\nIn reality, our fix times are much quicker than the published timeframes:\n\nCritical severity bugs (CVSS v2 score >= 8, CVSS v3 score >= 9) are normally fixed within 2 weeks\n\nHigh severity bugs (CVSS v2 score >= 6, CVSS v3 score >= 7) are normally fixed within 3 weeks\n\nMedium severity bugs (CVSS v2 score >~= 3, CVSS v3 score >= 4) are normally fixed within 4 weeks"
    },
    {
      "questionId": 1,
      "shortAnswer": true,
      "detailedAnswer": "No customer data is stored by us. All data is stored in monday.com settings or storage.\n"
    }
  ],
  "badges_data": {
    "pricing_data": "14 days trial",
    "acquisition_source": "Existing legacy",
    "app_values": [
      "Centralize your work on monday.com"
    ]
  },
  "data": {
    "google_analytics_tag_id": "G-4BJTWRJGFL"
  },
  "keywords": " embed ,forms,microsoft ,survey",
  "thumbnail_url": "https://dapulse-res.cloudinary.com/image/upload/v1656949323/monday-apps-marketplace/Microsoft%20Forms%20Embedded/microsoft-forms-app-card.png",
  "logo_url": "https://dapulse-res.cloudinary.com/image/upload/v1656949327/monday-apps-marketplace/Microsoft%20Forms%20Embedded/microsoft-forms-app-icon-blue.png",
  "feedback_url": "https://dsapps.atlassian.net/servicedesk/customer/portals",
  "privacy_policy_url": "https://dsapps.dev/data-security-privacy/",
  "external_pricing_url": "https://dsapps.dev/products/microsoft-forms-in-monday-dot-com/pricing",
  "featured": null,
  "security": null,
  "display_in_template_store": null,
  "acquisition_source": "Existing legacy",
  "terms_of_service_url": null,
  "label": null,
  "app_values": [
    "Centralize your work on monday.com"
  ],
  "security_info": null,
  "gallery_assets": [
    {
      "url": "https://dapulse-res.cloudinary.com/image/upload/v1656949209/monday-apps-marketplace/Microsoft%20Forms%20Embedded/microsoft-forms-gallery-image-1.png"
    },
    {
      "url": "https://dapulse-res.cloudinary.com/image/upload/v1656949212/monday-apps-marketplace/Microsoft%20Forms%20Embedded/microsoft-forms-gallery-image-2.png"
    },
    {
      "url": "https://dapulse-res.cloudinary.com/image/upload/v1656949208/monday-apps-marketplace/Microsoft%20Forms%20Embedded/microsoft-forms-gallery-image-3.png"
    }
  ],
  "pricing_data": "14 days trial",
  "marketplace_developer_id": 10000034,
  "app_id": 10027895,
  "marketplace_category_ids": [
    13
  ],
  "name": "Microsoft Forms Embedded",
  "app_scope_str": "boards:read,account:read,me:read",
  "app_client_id": "f034762de801a911f67b9ccd8aea5e22",
  "app_color": {
    "hsl": {
      "h": 216.36363636363632,
      "s": 0.7333333333333335,
      "l": 0.9117647058823529,
      "a": 1
    },
    "hex": "#d8e5f9",
    "rgb": {
      "r": 216,
      "g": 229,
      "b": 249,
      "a": 1
    },
    "hsv": {
      "h": 216.36363636363632,
      "s": 0.1325301204819277,
      "v": 0.9764705882352941,
      "a": 1
    },
    "oldHue": 220.61538461538458,
    "source": "hex"
  },
  "created_at": "2022-07-04T15:43:50.767Z",
  "updated_at": "2025-01-19T09:03:06.000Z",
  "how_to_use_url": null,
  "automation_app_id": null,
  "plans": [
    {
      "id": "10027895-1-up_to_2",
      "appId": 10027895,
      "appPlanId": "up_to_2",
      "versionId": 1,
      "versionState": "live",
      "name": "Couples",
      "description": "Free for up to 2 team members. This plan comes without support.",
      "extraData": {
        "bullets": [],
        "monthlyFee": 0,
        "yearlyFee": 0,
        "maxSeats": 2
      },
      "isTrial": false,
      "isRecommended": false,
      "isFree": true,
      "currency": "USD",
      "prices": {
        "type": "seat_based",
        "monthly": 0,
        "yearly": 0,
        "maxSeats": 2
      }
    },
    {
      "id": "10027895-1-up_to_3",
      "appId": 10027895,
      "appPlanId": "up_to_3",
      "versionId": 1,
      "versionState": "live",
      "name": "Up to 3 seats",
      "description": "Use the app without any limitations for up to 3 team members.",
      "extraData": {
        "bullets": [],
        "monthlyFee": 3,
        "yearlyFee": 2.7,
        "maxSeats": 3
      },
      "isTrial": false,
      "isRecommended": false,
      "isFree": false,
      "currency": "USD",
      "prices": {
        "type": "seat_based",
        "monthly": 3,
        "yearly": 2.7,
        "maxSeats": 3
      }
    },
    {
      "id": "10027895-1-up_to_5",
      "appId": 10027895,
      "appPlanId": "up_to_5",
      "versionId": 1,
      "versionState": "live",
      "name": "Up to 5 seats",
      "description": "Use the app without any limitations for up to 5 team members.",
      "extraData": {
        "bullets": [],
        "monthlyFee": 5,
        "yearlyFee": 4.5,
        "maxSeats": 5
      },
      "isTrial": false,
      "isRecommended": false,
      "isFree": false,
      "currency": "USD",
      "prices": {
        "type": "seat_based",
        "monthly": 5,
        "yearly": 4.5,
        "maxSeats": 5
      }
    },
    {
      "id": "10027895-1-up_to_10",
      "appId": 10027895,
      "appPlanId": "up_to_10",
      "versionId": 1,
      "versionState": "live",
      "name": "Up to 10 seats",
      "description": "Use the app without any limitations for up to 10 team members.",
      "extraData": {
        "bullets": [],
        "monthlyFee": 10,
        "yearlyFee": 9,
        "maxSeats": 10
      },
      "isTrial": false,
      "isRecommended": false,
      "isFree": false,
      "currency": "USD",
      "prices": {
        "type": "seat_based",
        "monthly": 10,
        "yearly": 9,
        "maxSeats": 10
      }
    },
    {
      "id": "10027895-1-up_to_20",
      "appId": 10027895,
      "appPlanId": "up_to_20",
      "versionId": 1,
      "versionState": "live",
      "name": "Up to 20 seats",
      "description": "Use the app without any limitations for up to 20 team members.",
      "extraData": {
        "bullets": [],
        "monthlyFee": 20,
        "yearlyFee": 18,
        "maxSeats": 20
      },
      "isTrial": false,
      "isRecommended": false,
      "isFree": false,
      "currency": "USD",
      "prices": {
        "type": "seat_based",
        "monthly": 20,
        "yearly": 18,
        "maxSeats": 20
      }
    },
    {
      "id": "10027895-1-up_to_50",
      "appId": 10027895,
      "appPlanId": "up_to_50",
      "versionId": 1,
      "versionState": "live",
      "name": "Up to 50 seats",
      "description": "Use the app without any limitations for up to 50 team members.",
      "extraData": {
        "bullets": [],
        "monthlyFee": 40,
        "yearlyFee": 36,
        "maxSeats": 50
      },
      "isTrial": false,
      "isRecommended": false,
      "isFree": false,
      "currency": "USD",
      "prices": {
        "type": "seat_based",
        "monthly": 40,
        "yearly": 36,
        "maxSeats": 50
      }
    },
    {
      "id": "10027895-1-up_to_100",
      "appId": 10027895,
      "appPlanId": "up_to_100",
      "versionId": 1,
      "versionState": "live",
      "name": "Up to 100 seats",
      "description": "Use the app without any limitations for up to 100 team members.",
      "extraData": {
        "bullets": [],
        "monthlyFee": 60,
        "yearlyFee": 54,
        "maxSeats": 100
      },
      "isTrial": false,
      "isRecommended": false,
      "isFree": false,
      "currency": "USD",
      "prices": {
        "type": "seat_based",
        "monthly": 60,
        "yearly": 54,
        "maxSeats": 100
      }
    },
    {
      "id": "10027895-1-up_to_200",
      "appId": 10027895,
      "appPlanId": "up_to_200",
      "versionId": 1,
      "versionState": "live",
      "name": "Up to 200 seats",
      "description": "Use the app without any limitations for up to 200 team members.",
      "extraData": {
        "bullets": [],
        "monthlyFee": 100,
        "yearlyFee": 90,
        "maxSeats": 200
      },
      "isTrial": false,
      "isRecommended": false,
      "isFree": false,
      "currency": "USD",
      "prices": {
        "type": "seat_based",
        "monthly": 100,
        "yearly": 90,
        "maxSeats": 200
      }
    },
    {
      "id": "10027895-1-up_to_400",
      "appId": 10027895,
      "appPlanId": "up_to_400",
      "versionId": 1,
      "versionState": "live",
      "name": "Up to 400 seats",
      "description": "Use the app without any limitations for up to 400 team members.",
      "extraData": {
        "bullets": [],
        "monthlyFee": 150,
        "yearlyFee": 135,
        "maxSeats": 400
      },
      "isTrial": false,
      "isRecommended": false,
      "isFree": false,
      "currency": "USD",
      "prices": {
        "type": "seat_based",
        "monthly": 150,
        "yearly": 135,
        "maxSeats": 400
      }
    },
    {
      "id": "10027895-1-more_than_400",
      "appId": 10027895,
      "appPlanId": "more_than_400",
      "versionId": 1,
      "versionState": "live",
      "name": "More than 400 seats",
      "description": "Use the app without any limitations for more than 400 team members.",
      "extraData": {
        "bullets": [],
        "monthlyFee": 200,
        "yearlyFee": 180,
        "maxSeats": 1000000
      },
      "isTrial": true,
      "isRecommended": false,
      "isFree": false,
      "currency": "USD",
      "prices": {
        "type": "seat_based",
        "monthly": 200,
        "yearly": 180,
        "maxSeats": 1000000
      }
    }
  ],
  "featured_for_categories_ids": [],
  "pinned_for_categories_ids": [],
  "pricing_model": "seat_based",
  "app_type": null,
  "display": null,
  "is_connector": null,
  "google_analytics_tag_id": "G-4BJTWRJGFL",
  "app_live_version": {
    "updated_at": "2024-03-24T08:45:17Z",
    "id": 10052414
  },
  "is_solution": null,
  "available_for_tiers": null,
  "available_for_products": null
}