Risk Score
0 = very fair · 100 = very risky
Summary
This is monday.com's Terms of Service for their cloud-based project management platform, last updated May 2026. The document is moderately balanced for a SaaS product but contains several provisions that significantly favor monday.com, including broad IP rights over feedback, the ability to modify or discontinue services at will, and wide-ranging license rights over customer data. Users retain ownership of their Customer Data but grant monday.com a broad license to use it, and public submissions carry an even broader license for any business purpose. Overall fairness is typical-to-slightly-aggressive for enterprise SaaS, with some notable caution areas around IP assignment and content rights.
Flagged Clauses
Any suggestions, feature requests, or comments you provide to monday.com become their permanent property. You cannot claim any rights to your own ideas once shared, and this assignment is irrevocable — you cannot take it back.
“Feedback is deemed an integral part of monday.com Materials, and as such, it is the sole property of monday.com without restrictions or limitations on use of any kind... You irrevocably assign to monday.com any right, title and interest you may have in such Feedback.”
Anything you post publicly on monday.com's sites can be used by monday.com for any business purpose, including marketing, in any media format. You also waive your moral rights to that content.
“By submitting Public User Submissions through the Sites, you grant us a license to access, use, copy, reproduce, process, adapt, publish, transmit, host, and display that Public User Submissions for any purpose, business, including without limitation, for publicizing and promoting monday.com... in any media format.”
monday.com can change or remove features at any time without telling you in advance. Only 'material adverse' changes to core functionality trigger any notification, and that notice may just be a website posting — not a direct message to you.
“We may add, modify or discontinue any feature, functionality or any other tool within any Services and/or Sites, at our own discretion and without further notice, however, if we make any material adverse change in the core functionality of the Services, then we will notify you by posting an announcement on the Sites.”
monday.com can cut off your API access at any time without warning. If your workflows or integrations depend on the API, they could break without advance notice.
“We reserve the right at any time to modify or discontinue, temporarily or permanently, your and/or Customer's access to the API (or any part of it) with or without notice.”
You keep ownership of the data you upload. monday.com only gets a limited license to use it to operate the service.
“Customer retains all right, title, interest and control, in and to the Customer Data, in the form submitted to the Services.”
monday.com can collect de-identified or aggregated data about how you use the platform and use it freely, including publishing it. They own this data permanently. This is standard but worth noting.
“We may collect, use and publish Anonymous Information relating to, or generated by your use of the Services and/or Sites... monday.com owns all Anonymous Information collected or obtained by monday.com.”
monday.com's license to use your data is limited to specific purposes: running the service, security, legal compliance, and things you explicitly permit. This is relatively protective compared to many SaaS agreements.
“Subject to these Terms, Customer grants us a worldwide, royalty-free, limited license to access, use, process, copy, distribute, perform, export, and display the Customer Data, solely to: (i) maintain and provide you the Services; (ii) prevent or address technical, fraud or security issues; (iii) investigate complaints; (iv) comply with legal process; and (v) as expressly permitted in writing by you.”
monday.com makes no promises about future features or continued availability of services. If they discontinue something you rely on, you have no contractual claim based on what you were promised.
“You acknowledge that your purchase of the Services and/or Third Party Services hereunder are not contingent on the delivery by us of any future release of any functionality, feature or service, including without limitation: (i) the continuance of certain Services or Additional Services beyond the current Subscription Term.”
If you use third-party AI agents or automation tools connected to your monday.com account, access for those tools can be cut off at any time without warning.
“Any such access to the Services by such Third Party Agents is provided at monday.com's sole discretion and may be suspended, limited, or terminated at any time, with or without notice.”
By default, monday.com can use your company's name and logo in their marketing, investor communications, and public announcements. You can opt out by emailing them, but it's opt-out rather than opt-in.
“Customer acknowledges and accepts that monday.com has the right to use Customer's name and logo to identify Customer as a customer of monday.com... on monday.com's Sites, marketing materials or otherwise by public announcements, including, but not limited to, earning statements and calls, shareholder materials.”
monday.com accepts no responsibility for what happens with your data beyond their stated security obligations. If something goes wrong with your data due to how you used the platform, the liability falls entirely on you.
“Other than our security and data protection obligations expressly set forth in Section 6, we assume no responsibility or liability for Customer Data, and you shall be solely responsible for Customer Data and the consequences of using, disclosing, storing, or transmitting it.”
If monday.com decides you've assigned the wrong user types (e.g., treating internal employees as guests), they can unilaterally charge you additional fees without your prior approval.
“monday.com shall have the right, in its sole discretion, and without derogating any other remedy available hereunder, to reassign such user types as appropriate, impose additional restrictions and/or charge additional fees.”
Missing Protections
- No explicit arbitration clause or class action waiver visible in the extracted text — unclear if this exists elsewhere in the full document
- No explicit auto-renewal or subscription cancellation terms in the extracted text
- No clear data deletion policy upon account termination — what happens to Customer Data when an account is closed is not addressed in the extracted sections
- No explicit breach notification timeline or procedure described
- No explicit refund policy for discontinued features or services
- No price-lock or rate-freeze protection for existing subscribers
- Governing law and jurisdiction clause not visible in extracted text
Fair Terms
- Customer explicitly retains ownership of all Customer Data in the form submitted — this is stated clearly and unambiguously in Section 3.1
- The license monday.com takes over Customer Data is explicitly limited to five specific, narrowly defined purposes — much more restrictive than many SaaS providers
- Customers can opt out of the logo/name marketing use by emailing a provided address, though it is opt-out rather than opt-in
- The minimum age requirement (16) is clearly stated and enforcement is promised
- HIPAA compliance pathway is explicitly described with a separate Business Associate Agreement requirement, protecting healthcare data users
- Prohibition on submitting sensitive data categories (HIPAA, PCI DSS, GDPR Article 9 special categories) without separate agreements adds a layer of protection
Document information only — not legal advice.