The IM Live Chat for monday: Emojis, Attachments, and more
As a monday.com user, you know the challenges of juggling multiple communication platforms and permissions to collaborate with your team and external stakeholders.
Introducing Chat App - the ultimate solution to manage your conversations with clients and team members in one sleek, fast, and familiar interface.
Designed to be fully integrated into the monday.com ecosystem, Chat App brings everyone together right within your familiar boards and workflows. Say goodbye to the hassle of switching between apps and the constant struggle of managing access privileges.
Here are some of the features that make Chat App a must for teams of all sizes:
• Rich Messaging: Elevate your interactions with emojis, formatting, and other expressive elements. Make your coordination, updates, and casual conversations more meaningful and engaging.
• Direct Mentions: Ensure that important messages never get lost in the shuffle. Instantly notify specific team members with a simple tag, keeping everyone on the same page.
• Read Receipts: Never wonder if your message was received. Chat App allows you to see who has read your messages, keeping you informed and in control of your communication.
• Seamless File & Media Sharing: Share any type of file or image natively within Chat App, without the need to switch between platforms. Upload project mockups, documents, videos, and more with just a few clicks, streamlining your collaboration.
• Voice Notes: For those times when typing just won't do, use our quick-send voice note feature to convey your messages in a personal, time-saving manner.
Experience the power of efficient, integrated communication with Chat App. Whether you're coordinating with your internal team or hosting external guests on your monday.com boards, this app is designed to be the seamless solution you've been waiting for.
Book a demo with our founder here, or get started with our free trial right away!
Security & Compliance
Security
Does the developer periodically perform penetration testing?
Yes
Does the developer have a dedicated security and privacy point of contact for such issues or questions?
Does the app restrict redirects and forwards only to approved destinations, or show a warning when redirecting to potentially untrusted content?
Yes
We have a popup for all external clickable links that asks the user to confirm he wants to open said link on a new tab
Does the app protect against mass parameter assignment attacks?
Yes
We use realtime websockets which are rate-limited and rate-controlled by nature. This means attackers can't "spam" http requests nor do any mass parameter assignment attacks. Any other realtime-related potential issues are handled for by supabase realtime.
Does the app perform encoding and sanitization on all user supplied parameters to protect against Cross-Site Scripting?
No
While PostgREST automatically parametrizes all requests and checks authentication every time, we use JWTs for authentication, along with monday.com authentication tokens. We do have XSS protection in place, but we're still working on it.
Does the developer protect all state-changing actions against Cross-Site Request Forgery (CSRF)?
Yes
Our frontend is hosted on Vercel that automatically ensures security on internal endpoint is top notch, and all our backend points of contact have CSRF checks in place.
Does the developer have mechanisms to notify monday.com in case of a security breach?
Yes
In case of a security breach, we have industry-standard SOPs and security-specific protocols in place that act as a todo list to make sure all involved parties know what's happening as soon as possible. This includes notifying monday through the app marketplace team of any security breach and collaborate to solve it as soon as possible.
Does this developer have a process for installing application-level updates and security patches for the service (such as software packages and databases)?
Yes
Every time a new version of Postgres/PostgREST/any other front or backend library gets published that solves a security issue, dependabot for the frontend or supabase for the backend will open a PR or notify us, so we can immediately update the server. We run migrations to automatically update and pack all kinds of vulnerabilities. This means we can patch vulnerabilities the very moment we receive the notification.
Compliance
Is the app certified with the information security standard ISO/IEC 27001:2022?
Not answered
Is the app compliant with the Health Insurance Portability and Accountability Act (HIPAA)?
No
We're working towards being HIPAA compliant and we expect it to happen within the next 6 months
Is the app certified with System and Organization Controls (SOC 2 or SOC 3)?
No
We're working towards being SOC2 compliant and we expect it to happen within the next 6 months
Is the app compliant with the General Data Protection Regulation (GDPR)?
Yes
We don't store cookies nor track users in any way, shape, or form.
Data
Does the app send any data outside of monday.com? If yes, indicate whether the data is customer-submitted (e.g., board names, item names, doc content) or non-customer-submitted (e.g., account ID, board ID, user ID).
Not answered
Where does the app store logs data?
Not answered
Where does the app store the app data?
Not answered
Does the developer ensure application logs do not contain secrets or personally-identifiable information (PII)?
Yes
We don't need to ship secrets to the client, and all our server logging is done through Sentry, which automatically encrypts all secrets.
Is customer data segregated from the data of other customers (for example logically or physically)?
Yes
We store user data in the same table, but logically separate it through Row Level Security policies that enforce users to only be able to access their own data. No user is able to select any other users' data, since all queries are routed and secured through PostgREST, which uses parametrization, among many other security prevention systems, to make sure the RLS in place checks for eventual malicious requests. In the evenience of one of those requests, RLS will still be enforced, so the user won't be able to access other users' data.
Privacy
Does the developer enforce multi-factor authentication on employees access to systems which may process customer data?
Yes
Every employee at our company has MFA set up on his GitHub, his Supabase account, his Netlify account, and his Vercel account. We use Dashlane or iCloud KeyChain to generate complex and secure passwords, and to save authentication codes. We also use biometric authentication when that's an option.
Does the developer protect access to customer data based on the principle of least privilege?
Yes
Every employee at the company is under NDA. Nobody can access data without explicit authorization to access the postgresql web interface.
Reviews
No reviews yet.
Installation history
We have data for December 28, 2024 onwards only. Collected sometime after 00:00 UTC daily.
{
"id": 10000464,
"description": "<p>As a monday.com user, you know the challenges of juggling multiple communication platforms and permissions to collaborate with your team and external stakeholders.</p><p><em>Introducing Chat App - the ultimate solution to manage your conversations with clients and team members in one sleek, fast, and familiar interface.</em></p><p>Designed to be fully integrated into the monday.com ecosystem, <u>Chat App brings everyone together right within your familiar boards and workflows</u>. Say goodbye to the hassle of switching between apps and the constant struggle of managing access privileges.</p><p>Here are some of the features that make Chat App a must for teams of all sizes:</p><p>• <strong>Rich Messaging</strong>: Elevate your interactions with emojis, formatting, and other expressive elements. Make your coordination, updates, and casual conversations more meaningful and engaging.</p><p>• <strong>Direct Mentions</strong>: Ensure that important messages never get lost in the shuffle. Instantly notify specific team members with a simple tag, keeping everyone on the same page.</p><p>• <strong>Read Receipts</strong>: Never wonder if your message was received. Chat App allows you to see who has read your messages, keeping you informed and in control of your communication.</p><p>• <strong>Seamless File & Media Sharing</strong>: Share any type of file or image natively within Chat App, without the need to switch between platforms. Upload project mockups, documents, videos, and more <u>with just a few clicks</u>, streamlining your collaboration.</p><p>• <strong>Voice Notes</strong>: For those times when typing just won't do, use our quick-send voice note feature to convey your messages in a personal, time-saving manner.</p><p>Experience the power of <em>efficient, integrated communication with Chat App</em>. Whether you're coordinating with your internal team or hosting external guests on your monday.com boards, this app is designed to be the seamless solution you've been waiting for.</p><p><a href=\"https://cal.com/lucameneghetti/chat-app-demo\" rel=\"noopener noreferrer\" target=\"_blank\">Book a demo</a> with our founder here, or get started with our free trial right away!</p>",
"short_description": "The IM Live Chat for monday: Emojis, Attachments, and more",
"compliance_answers": [
{
"questionId": 1,
"shortAnswer": true,
"detailedAnswer": "We store user data in the same table, but logically separate it through Row Level Security policies that enforce users to only be able to access their own data.\nNo user is able to select any other users' data, since all queries are routed and secured through PostgREST, which uses parametrization, among many other security prevention systems, to make sure the RLS in place checks for eventual malicious requests. In the evenience of one of those requests, RLS will still be enforced, so the user won't be able to access other users' data."
},
{
"questionId": 2,
"shortAnswer": true,
"detailedAnswer": "Every time a new version of Postgres/PostgREST/any other front or backend library gets published that solves a security issue, dependabot for the frontend or supabase for the backend will open a PR or notify us, so we can immediately update the server. We run migrations to automatically update and pack all kinds of vulnerabilities. This means we can patch vulnerabilities the very moment we receive the notification."
},
{
"questionId": 3,
"shortAnswer": true,
"detailedAnswer": "In case of a security breach, we have industry-standard SOPs and security-specific protocols in place that act as a todo list to make sure all involved parties know what's happening as soon as possible. This includes notifying monday through the app marketplace team of any security breach and collaborate to solve it as soon as possible."
},
{
"questionId": 4,
"shortAnswer": true,
"detailedAnswer": "Our frontend is hosted on Vercel that automatically ensures security on internal endpoint is top notch, and all our backend points of contact have CSRF checks in place."
},
{
"questionId": 5,
"shortAnswer": false,
"detailedAnswer": "While PostgREST automatically parametrizes all requests and checks authentication every time, we use JWTs for authentication, along with monday.com authentication tokens. We do have XSS protection in place, but we're still working on it."
},
{
"questionId": 6,
"shortAnswer": true,
"detailedAnswer": "Every employee at the company is under NDA. Nobody can access data without explicit authorization to access the postgresql web interface."
},
{
"questionId": 7,
"shortAnswer": true,
"detailedAnswer": "Every employee at our company has MFA set up on his GitHub, his Supabase account, his Netlify account, and his Vercel account. We use Dashlane or iCloud KeyChain to generate complex and secure passwords, and to save authentication codes. We also use biometric authentication when that's an option."
},
{
"questionId": 8,
"shortAnswer": true,
"detailedAnswer": "We don't need to ship secrets to the client, and all our server logging is done through Sentry, which automatically encrypts all secrets."
},
{
"questionId": 9,
"shortAnswer": true,
"detailedAnswer": "We use realtime websockets which are rate-limited and rate-controlled by nature. This means attackers can't \"spam\" http requests nor do any mass parameter assignment attacks. Any other realtime-related potential issues are handled for by supabase realtime."
},
{
"questionId": 10,
"shortAnswer": true,
"detailedAnswer": "We have a popup for all external clickable links that asks the user to confirm he wants to open said link on a new tab"
},
{
"questionId": 11,
"shortAnswer": true,
"detailedAnswer": "We don't store cookies nor track users in any way, shape, or form."
},
{
"questionId": 12,
"shortAnswer": false,
"detailedAnswer": "We're working towards being SOC2 compliant and we expect it to happen within the next 6 months"
},
{
"questionId": 13,
"shortAnswer": false,
"detailedAnswer": "We're working towards being HIPAA compliant and we expect it to happen within the next 6 months"
},
{
"questionId": 14,
"shortAnswer": true,
"detailedAnswer": "[email protected]"
},
{
"questionId": 15,
"shortAnswer": true
}
],
"badges_data": {
"pricing_data": "14 days trial",
"acquisition_source": "No touch",
"app_values": [
"Centralize your work on monday.com"
]
},
"data": {
"terms_of_service_url": "https://www.sundaydevs.com/terms",
"google_analytics_tag_id": "G-915EG7HSPX"
},
"keywords": "file sharing, chat, instant messaging, chat app, monday chat, productivity, voice messages, collaboration, communication, integrated",
"thumbnail_url": "https://dapulse-res.cloudinary.com/image/upload/v1716137930/monday-apps-marketplace/Chat%20App%20-%20Instant%20Messenger/Chat___Share.png",
"logo_url": "https://dapulse-res.cloudinary.com/image/upload/v1716137930/monday-apps-marketplace/Chat%20App%20-%20Instant%20Messenger/chatapp-icon.png",
"feedback_url": "[email protected]",
"privacy_policy_url": "https://www.sundaydevs.com/privacy",
"external_pricing_url": null,
"featured": null,
"security": null,
"display_in_template_store": null,
"acquisition_source": "No touch",
"terms_of_service_url": "https://www.sundaydevs.com/terms",
"label": null,
"app_values": [
"Centralize your work on monday.com"
],
"security_info": null,
"gallery_assets": [
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1716137914/monday-apps-marketplace/Chat%20App%20-%20Instant%20Messenger/1.png"
},
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1716137914/monday-apps-marketplace/Chat%20App%20-%20Instant%20Messenger/2.png"
},
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1716137914/monday-apps-marketplace/Chat%20App%20-%20Instant%20Messenger/3.png"
},
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1716137915/monday-apps-marketplace/Chat%20App%20-%20Instant%20Messenger/4.png"
},
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1716137915/monday-apps-marketplace/Chat%20App%20-%20Instant%20Messenger/5.png"
}
],
"pricing_data": "14 days trial",
"marketplace_developer_id": 10000199,
"app_id": 10139958,
"marketplace_category_ids": [
8,
6,
5
],
"name": "Chat App - Instant Messenger",
"app_scope_str": "notifications:write,boards:read",
"app_client_id": "09c87c7414dc9b6fc7c2bd4e32f6b402",
"app_color": {
"hsl": {
"h": 60,
"s": 1,
"l": 0.5,
"a": 1
},
"hex": "#ffff00",
"rgb": {
"r": 255,
"g": 255,
"b": 0,
"a": 1
},
"hsv": {
"h": 60,
"s": 1,
"v": 1,
"a": 1
},
"oldHue": 27.613636363636363,
"source": "hex"
},
"created_at": "2024-05-19T16:59:18.727Z",
"updated_at": "2024-11-26T08:48:01.635Z",
"how_to_use_url": "https://www.sundaydevs.com/#how-to-use",
"automation_app_id": null,
"plans": [
{
"id": "10139958-1-starter-plan",
"appId": 10139958,
"appPlanId": "starter-plan",
"versionId": 1,
"versionState": "live",
"name": "Starter",
"description": "Start chatting with your teammates right away. Up to one chat. Collaborate Plan",
"extraData": {
"bullets": [
"Just one view",
"Up to 3 people added to the view",
"Unlimited message history, read receips, and see who's typing",
"Send images, files, and voice messages",
"1 MB file size"
],
"monthlyFee": 5,
"yearlyFee": 3,
"maxSeats": 3
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 5,
"yearly": 3,
"maxSeats": 3
}
},
{
"id": "10139958-1-collaborate-plan",
"appId": 10139958,
"appPlanId": "collaborate-plan",
"versionId": 1,
"versionState": "live",
"name": "Collaborate",
"description": "Send bigger files, add more team members, and work faster with the integrated chat app.",
"extraData": {
"bullets": [
"Unlimited views and boards",
"Up to 20 users on the board",
"Unlimited message history, read receips, and see who's typing",
"Send images, files, and voice messages",
"Up to 10 MB file size"
],
"monthlyFee": 27,
"yearlyFee": 20,
"maxSeats": 20
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 27,
"yearly": 20,
"maxSeats": 20
}
},
{
"id": "10139958-1-unlimited-plan",
"appId": 10139958,
"appPlanId": "unlimited-plan",
"versionId": 1,
"versionState": "live",
"name": "Unlimited",
"description": "Huge files, unlimited team members and unbeatable performance.",
"extraData": {
"bullets": [
"Unlimited views and boards",
"Unlimited users",
"Unlimited message history, read receips, and see who's typing",
"Send images, files, and voice messages",
"Up to 1 GB file size"
],
"monthlyFee": 77,
"yearlyFee": 67,
"maxSeats": 1000000
},
"isTrial": true,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 77,
"yearly": 67,
"maxSeats": 1000000
}
},
{
"id": "10139958-2-starter-plan",
"appId": 10139958,
"appPlanId": "starter-plan",
"versionId": 2,
"versionState": "live",
"name": "Starter",
"description": "Start chatting with your teammates right away. Up to one chat. Collaborate Plan",
"extraData": {
"bullets": [
"Just one view",
"Up to 3 people added to the view",
"Unlimited message history, read receips, and see who's typing",
"Send images, files, and voice messages",
"1 MB file size"
],
"monthlyFee": 5,
"yearlyFee": 3,
"maxSeats": 3
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 5,
"yearly": 3,
"maxSeats": 3
}
},
{
"id": "10139958-2-organize-plan",
"appId": 10139958,
"appPlanId": "organize-plan",
"versionId": 2,
"versionState": "live",
"name": "Organize",
"description": "Send bigger files, add more team members, and work faster with the integrated chat app.",
"extraData": {
"bullets": [
"Unlimited views and boards",
"Up to 25 users on the board",
"Unlimited message history, read receips, and see who's typing",
"Send images, files, and voice messages",
"Up to 25 MB file size"
],
"monthlyFee": 27,
"yearlyFee": 20,
"maxSeats": 25
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 27,
"yearly": 20,
"maxSeats": 25
}
},
{
"id": "10139958-2-unlimited-plan",
"appId": 10139958,
"appPlanId": "unlimited-plan",
"versionId": 2,
"versionState": "live",
"name": "Unlimited",
"description": "Huge files, unlimited team members and unbeatable performance.",
"extraData": {
"bullets": [
"Unlimited views and boards",
"Unlimited users",
"Unlimited message history, read receips, and see who's typing",
"Send images, huge files, and voice messages",
"Up to 1 GB file size"
],
"monthlyFee": 77,
"yearlyFee": 70,
"maxSeats": 1000000
},
"isTrial": true,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 77,
"yearly": 70,
"maxSeats": 1000000
}
},
{
"id": "10139958-2-collaborate-plan",
"appId": 10139958,
"appPlanId": "collaborate-plan",
"versionId": 2,
"versionState": "live",
"name": "Collaborate",
"description": "Collaborate on larger projects and chat with even more guests and users.",
"extraData": {
"bullets": [
"Unlimited views and boards",
"Up to 10 users on the board",
"Unlimited message history, read receips, and see who's typing",
"Send images, large files, and voice messages",
"Up to 10 MB file size"
],
"monthlyFee": 15,
"yearlyFee": 10,
"maxSeats": 10
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 15,
"yearly": 10,
"maxSeats": 10
}
}
],
"featured_for_categories_ids": [],
"pinned_for_categories_ids": [],
"pricing_model": null,
"app_type": "app",
"display": null,
"is_connector": null,
"google_analytics_tag_id": "G-915EG7HSPX",
"app_live_version": {
"updated_at": "2024-05-10T12:32:02Z",
"id": 10242023
},
"is_solution": null,
"available_for_tiers": null,
"available_for_products": null
}
