Overview
G4 Clinical Note Exporter ("the Add-on") is a Google Sheets add-on developed by G4 Software LLC ("we," "us," or "our"). The Add-on streamlines clinical note management by providing automated timestamp tracking, change indicators, and PDF export to Google Drive.
The Add-on does not collect, store, transmit, or share any user data outside of your Google Workspace environment. All data remains entirely within your own Google account.
What the Add-on Accesses
The Add-on requests the following Google OAuth permissions, each used for a specific and limited purpose:
| Permission | What It Does |
|---|---|
| spreadsheets | Read and write the active spreadsheet to manage configuration, timestamps, dirty flag indicators, and patient name fields. Also used to open newly created patient files. |
| drive | Create PDF files in your Google Drive, copy spreadsheet files for new patients, and create patient subfolders. |
| script.container.ui | Display sidebar panels and dialog windows within Google Sheets for configuration, export, and new patient workflows. |
| script.scriptapp | Create and manage installable triggers that detect cell edits for the dirty flag system. |
| script.external_request | Call the Google Sheets PDF export URL (docs.google.com/spreadsheets) to generate the PDF during export. Restricted via URL whitelist to the Sheets export endpoint only — no other external URLs can be accessed. |
What We Store
The Add-on stores a small amount of configuration and state data. All of this data resides entirely within your Google Workspace:
- Template configuration — cell locations, export range, filename pattern, and template name. Stored in a hidden sheet within your spreadsheet file.
- Runtime state — dirty flag status and base sheet name. Stored in the same hidden sheet.
- Patient subfolder ID — the Google Drive folder ID for the current patient's subfolder. Stored in the same hidden sheet.
- Patients root folder ID — the Drive folder you selected as the root for all patient files. Stored primarily in the hidden sheet within each spreadsheet file (so it travels with file copies); also mirrored to Google Apps Script User Properties for backward compatibility with earlier versions.
What We Do NOT Store or Access
- Patient names, clinical note content, or any protected health information (PHI)
- User credentials, passwords, or authentication tokens
- Usage analytics, telemetry, or tracking data
- Any data from spreadsheets other than the one the Add-on is attached to
Data Transmission
The Add-on does not transmit any data to external servers, third-party services, or any system outside of Google's infrastructure. The script.external_request permission is used solely to call the Google Sheets PDF export URL during PDF generation and is restricted by URL whitelist to that single endpoint. All other operations occur between your Google Sheets, Google Drive, and Google Apps Script — all within your Google Workspace account.
No external APIs outside Google's own infrastructure, no analytics services, no advertising networks, and no tracking pixels are used.
Data Sharing
We do not sell, share, rent, or disclose any user data to third parties. The Add-on has no mechanism to extract data from your Google Workspace, and no data is ever transmitted to G4 Software or any other party.
Data Retention
The Add-on does not maintain any database, server, or external storage. Configuration data persists only within your spreadsheet files and is fully under your control. Deleting a spreadsheet file removes all Add-on data stored inside it. Uninstalling the Add-on removes any Add-on-specific User Properties from your Google account.
HIPAA Compliance
The Add-on is a workflow tool that operates entirely within Google Workspace. We do not make HIPAA compliance claims for the Add-on itself. If your practice requires HIPAA compliance, we recommend ensuring your Google Workspace account has a Business Associate Agreement (BAA) with Google and consulting your compliance officer about using Google Workspace for clinical documentation.
Children's Privacy
The Add-on is designed for use by healthcare professionals and is not directed at children under 13. We do not knowingly collect any information from children.
Changes to This Policy
We may update this privacy policy from time to time. Any changes will be posted on this page with an updated effective date. Continued use of the Add-on after changes constitutes acceptance of the updated policy.
Revision History
- April 17, 2026 — Updated for Add-on v1.5. Added
script.external_requestscope (used exclusively for PDF generation via the Sheets export URL, restricted by whitelist). Corrected the description of where the Patients root folder ID is stored (primary storage is the per-file hidden sheet; User Properties kept as fallback). Clarified that data transmission uses only Google-owned infrastructure. - February 20, 2026 — Initial publication.
Contact
If you have questions about this privacy policy or the Add-on's data practices, please contact us:
G4 Software LLC
Email: contact@g4software.com
Website: www.g4software.com