OM OrigiMark
Certify now
Workspace add-on disclosure

When you certify from Google Docs, Sheets, or Slides

A precise account of who sees what, when. Important: this differs from the web flow and you should know exactly how it works.

Quick summary

When you click Certify in the OrigiMark add-on, the document is exported as a PDF inside Google's infrastructure, hashed there, and only the SHA-256 hash is sent to our servers. The PDF copy is stored in your own Google Drive (in a folder our add-on creates), under your account, accessible only to you.

Step-by-step

  1. Export — Apps Script (Google's serverless runtime, running under your authentication and inside your Workspace project) calls file.getAs("application/pdf"). The PDF byte-stream stays on Google's servers.
  2. Hash — Apps Script computes SHA-256 of the PDF bytes via Utilities.computeDigest(). Still entirely inside Google.
  3. Send — only the 64-character hex hash, plus the title, file size, and metadata you choose, is POSTed to https://origimark.org/api/v1/certify. We never receive the file content.
  4. Save copy — Apps Script saves the PDF blob to your own Google Drive (folder name OrigiMark Certified). It is stored under your Google account, with whatever sharing permissions you set.
  5. Cert PDF — we generate the OrigiMark certificate PDF (with your title, hash, timestamp, QR) and Apps Script downloads a copy into the same Drive folder.

What we see vs. what we don't

We see

  • · SHA-256 hash (64 hex chars)
  • · Title you provided
  • · File name, size, MIME type
  • · Metadata you filled in (genre, language, ownership, etc.)
  • · Your Google email (for cert ownership)

We do NOT see

  • · The document content
  • · The exported PDF bytes
  • · Anything on your Drive that isn't a hash
  • · Any other Google Workspace data

Difference from the web flow

The web flow at /create hashes inside your browser using the W3C Web Crypto API; the byte-stream never leaves your machine. The add-on flow runs the same hashing on Google's serverless infrastructure (Apps Script) — your file leaves your machine to Google, but it does not leave Google to us. Both flows yield the same cryptographic guarantees once the hash reaches OrigiMark.

Permissions requested

  • drive.file — read/write only files our add-on creates
  • documents.currentonly / spreadsheets.currentonly / presentations.currentonly — read only the actively open file
  • script.external_request — POST hash to origimark.org/api
  • userinfo.email — link the certificate to your Google identity

Data retention

OrigiMark stores the hash and metadata according to the privacy policy. Apps Script holds your data only for the duration of the request — Google does not retain Apps Script execution data beyond their own logs.

Last updated: 01-05-2026 · v0.2 disclosure