Make monday.com work with Microsoft 365 & SharePoint →
apps for monday.com
SLA logo

SLA

evolu software GmbH Security badge

171 installs, since February 15, 2024.   10 installs/month.   Updated May 21, 2025.

Hosted by monday.com Free No touch
Software development Productivity & efficiency Team management
Sign in to install
View on Marketplace
Gallery image Gallery image Gallery image Gallery image Gallery image Gallery image Gallery image Gallery image Gallery image

Track Service Level Agreements - Due Dates, Time in Status

See what the differences are between our Free and our Plus plans.


Elevating Your Service Level Agreement Management

Navigating the complexities of Service Level Agreements (SLAs) requires a tool that's both efficient and reliable. Our app is precisely that – a sophisticated application designed to streamline the management of SLAs across various industries.


By focusing on the core aspects of SLA tracking and compliance, this app stands as an indispensable asset for businesses committed to maintaining exemplary service standards.

Seamlessly integrate Operational Level Agreements (OLAs) with your SLAs, ensuring that internal teams are aligned with external service expectations.


Demo Videos:

Security & Compliance

Security

Does the developer periodically perform penetration testing?

No
As our systems are operated using monday code, we do not perform any penetration testing against this infrastructure. However, we use snyk to detect problems in our Javascript-based applications.

Does the developer have a dedicated security and privacy point of contact for such issues or questions?

Yes
Customers can report security breaches or vulnerabilities via email: [email protected] (see also: https://evolu.software/cloud-security-statement/ )

Does the app restrict redirects and forwards only to approved destinations, or show a warning when redirecting to potentially untrusted content?

Yes
Only our help pages send the user to https://evolu.software/help/... to display the corresponding documentation

Does the app protect against mass parameter assignment attacks?

Yes
We do not use the post parameters directly. After validating the individual post parameters, each parameter is read individually using 'express-validator' matchedData.

Does the app perform encoding and sanitization on all user supplied parameters to protect against Cross-Site Scripting?

Yes
In our integration running with monday code, we secure it as follows. We first use 'dompurify' and then 'express-validator' to check the data type of the parameters passed.

Does the developer protect all state-changing actions against Cross-Site Request Forgery (CSRF)?

Yes
Yes, not necessary. Our app has integrations running in monday code. However, these are not called by the browser and are provided with a JWT (including a shortLivedToken) by monday.com. If no matching token was sent with a POST request, the request is rejected.

Does the developer have mechanisms to notify monday.com in case of a security breach?

Yes

Does this developer have a process for installing application-level updates and security patches for the service (such as software packages and databases)?

Yes
We use monday code for hosing our app. For this reason, the following applies. "... It provides a secure, reliable, and scalable hosting solution to help contribute to widespread app usage. Apps hosted with monday-code are upheld to stringent enterprise-level compliance and security measures, ultimately giving large customers the confidence they need to install the app. ..." https://developer.monday.com/apps/docs/hosting-your-app-with-monday-code Further information can be found here: https://evolu.software/security-bug-fixing-policy/

Compliance

Is the app certified with the information security standard ISO/IEC 27001:2022?

No

Is the app compliant with the Health Insurance Portability and Accountability Act (HIPAA)?

No

Is the app certified with System and Organization Controls (SOC 2 or SOC 3)?

No

Is the app compliant with the General Data Protection Regulation (GDPR)?

Yes
As a European company, we comply with the GDPR aka DSGVO

Data

Does the app send any data outside of monday.com? If yes, indicate whether the data is customer-submitted (e.g., board names, item names, doc content) or non-customer-submitted (e.g., account ID, board ID, user ID).

No

Where does the app store logs data?

monday

Where does the app store the app data?

monday

Does the developer ensure application logs do not contain secrets or personally-identifiable information (PII)?

Yes
We only log the names of the functions called, a success/failure and technical id(s)

Is customer data segregated from the data of other customers (for example logically or physically)?

Yes
We use monday.storage to store the data. For this reason, the following applies. ".. It is compartmentalized according to the accountId and app, so data from one account is not accessible from others..." https://developer.monday.com/apps/docs/mondaystorage#global-level

Privacy

Does the developer enforce multi-factor authentication on employees access to systems which may process customer data?

Yes

Does the developer protect access to customer data based on the principle of least privilege?

Yes
Our servers do not store any customer data and we cannot access the data stored by the app. Only the monday storage and individual columns in the items are used for storage. Further information can be found here: https://evolu.software/privacy-policy/

Reviews

No reviews yet.

Installation history

We have data for December 28, 2024 onwards only. Collected sometime after 00:00 UTC daily.

ID: 10000407App ID: 10111144Listing updated: June 12, 2025