Legal
Privacy Policy
How we collect, use, store, and protect your data.
1. Who We Are
1.1. This Privacy Policy explains how Propel Group International Ltd (trading as FullFathom AI) ("FullFathom", "we", "us", or "our") collects, uses, stores, and protects personal data in connection with the FullFathom AI service.
1.2. Company Details:
- Legal Name: Propel Group International Ltd
- Trading Name: FullFathom AI
- Company Number: 16943846
- Registered Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ
- Country of Registration: England and Wales
- Email: privacy@fullfathom.ai
- Privacy Contact: Richard Buckley, privacy@fullfathom.ai
1.3. FullFathom acts as a data processor on behalf of our customers (shipping companies and ship management companies), who act as data controllersin respect of their crew members' data. For data relating to our customer contacts and account holders, FullFathom acts as a data controller.
2. What Data We Collect
2.1. Shore-Side Account Data (Cloud Platform)
When a customer registers for and uses the Cloud Platform, we collect:
| Data Category | Specific Data | Purpose |
|---|---|---|
| Company information | Company name, registered address, country | Account setup, billing, multi-tenant isolation |
| Contact details | Name, email address, phone number of account holders | Account management, support, communications |
| Vessel details | Vessel name, IMO number, vessel type, flag state | Bundle generation, fleet management |
| Billing information | Invoice address, payment references | Billing and payment processing |
| Usage data | Login timestamps, feature usage, document upload history | Service improvement, support |
2.2. On-Vessel Data (Ship Runtime)
The Ship Runtime operates entirely offline on the vessel's local area network. The following data is processed locally on the vessel:
| Data Category | Specific Data | Storage Location | Transmitted to Shore? |
|---|---|---|---|
| Crew queries | Question text submitted by crew | Vessel SQLite database | Anonymised aggregates only |
| AI answers | Generated answer text and citations | Vessel SQLite database | Anonymised aggregates only |
| Query metadata | Timestamp, response time, refusal status | Vessel SQLite database | Anonymised aggregates only |
The Ship Runtime does not require or collect any personal identifiers from crew members. There is no user authentication on the vessel. No names, ranks, crew IDs, or other personally identifiable information is collected, stored, or transmitted in connection with on-vessel queries.
2.3. Analytics Data (Synced to Shore)
When a vessel has internet connectivity, the Ship Runtime may sync anonymised analytics data to the Cloud Platform for fleet management purposes:
| Data Category | What Is Synced | What Is NOT Synced |
|---|---|---|
| Query volume | Number of queries per day | Individual query text |
| Topic categories | Aggregate question categories (e.g., "safety procedures", "cargo operations") | Specific questions or answers |
| Refusal metrics | Count of queries where no relevant procedure was found | Specific refused queries |
| Performance metrics | Average response time, system health | Any crew-identifying information |
No crew personally identifiable information is ever included in analytics data synced from vessels to the Cloud Platform.
2.4. Authentication Data
Shore-side user authentication is provided by Clerk, a third-party authentication service. When you sign in to the Cloud Platform:
- Clerk processes your email address and authentication credentials in accordance with Clerk's Privacy Policy.
- FullFathom receives your name and email address from Clerk for the purpose of account management.
- FullFathom does not store passwords or authentication tokens -- these are managed entirely by Clerk.
2.5. Website and Communication Data
If you visit our website or communicate with us:
| Data Category | Specific Data | Purpose |
|---|---|---|
| Website analytics | Anonymised page views, referral source (if analytics are implemented) | Website improvement |
| Contact form submissions | Name, email, message content | Responding to enquiries |
| Email communications | Email address, correspondence content | Customer support, sales |
3. How We Use Your Data
3.1. We use personal data for the following purposes:
| Purpose | Legal Basis (GDPR Art. 6) | Data Categories |
|---|---|---|
| Providing the Service -- processing documents, generating Bundles, operating the Cloud Platform | Performance of a contract (Art. 6(1)(b)) | Company info, vessel details, uploaded documents |
| Account management -- creating accounts, managing subscriptions, processing payments | Performance of a contract (Art. 6(1)(b)) | Contact details, billing information |
| Fleet analytics -- providing customers with fleet-wide usage insights | Performance of a contract (Art. 6(1)(b)) | Anonymised query analytics |
| Service improvement -- improving AI answer quality, parsing accuracy, and system reliability | Legitimate interest (Art. 6(1)(f)) | Anonymised and aggregated usage data |
| Identifying documentation gaps -- analysing query patterns to identify missing or outdated procedures | Legitimate interest (Art. 6(1)(f)) | Anonymised query topic categories, refusal rates |
| Customer support -- responding to enquiries and resolving technical issues | Performance of a contract (Art. 6(1)(b)) | Contact details, correspondence |
| Legal compliance -- meeting legal and regulatory obligations | Legal obligation (Art. 6(1)(c)) | As required by applicable law |
| Security -- detecting, preventing, and responding to security incidents | Legitimate interest (Art. 6(1)(f)) | Access logs, system logs |
Where we rely on legitimate interest as a legal basis, we have conducted a Legitimate Interest Assessment (LIA) to confirm that: (1) the interest is legitimate, (2) the processing is necessary for that interest, and (3) the processing does not override the rights and freedoms of data subjects. Copies of our LIAs are available on request by contacting privacy@fullfathom.ai.
3.2. Improving maritime safety documentation access.We have a legitimate interest in improving the quality and accessibility of maritime safety documentation. The processing we undertake for this purpose is limited to anonymised and aggregated data that cannot identify individual crew members and poses minimal risk to data subjects' rights and freedoms.
4. Data Sharing
4.1. We do not sell personal data. FullFathom does not sell, rent, or trade personal data to third parties for their marketing or other purposes.
4.2. Sub-processors. We use the following third-party sub-processors to provide the Service:
| Sub-Processor | Purpose | Data Processed | Location |
|---|---|---|---|
| Amazon Web Services (AWS) | Cloud infrastructure (compute, storage, database) | All Cloud Platform data | EU (eu-west-2, London region) |
| Clerk | User authentication for Cloud Platform | Email addresses, authentication credentials | United States (certified under the EU-US Data Privacy Framework and the UK Extension to the EU-US DPF) |
4.3. Customer access. Customers (data controllers) have access to their own data through the Cloud Platform dashboard, including uploaded documents, vessel information, and anonymised fleet analytics.
4.4. Legal requirements. We may disclose personal data where required by law, regulation, legal process, or enforceable governmental request. We will provide notice to the affected customer where legally permitted.
4.5. Business transfers. In the event of a merger, acquisition, or sale of all or a portion of our assets, personal data may be transferred as part of the transaction. We will provide notice of any such transfer and any choices you may have regarding your data.
5. International Data Transfers
5.1. Primary processing location. All Cloud Platform data is processed and stored within the United Kingdom, specifically in the AWS eu-west-2 (London) region.
5.2. International transfers. Our primary infrastructure is in the United Kingdom. Where personal data is transferred to sub-processors outside the UK, we ensure appropriate safeguards are in place:
- Clerk (United States): Clerk, Inc. is certified under the EU-US Data Privacy Framework (DPF) and the UK Extension to the EU-US DPF, providing an adequacy-based transfer mechanism for personal data transfers to the United States.
5.3. Additional safeguards. Where a sub-processor processes data outside the UK and is not covered by an adequacy decision or the DPF, we will ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) approved by the European Commission;
- UK International Data Transfer Agreement (IDTA) or UK Addendum to the EU SCCs, as applicable;
- Assessment of the laws and practices of the recipient country.
5.4. On-vessel data. Query data processed by the Ship Runtime on vessels is processed entirely on the vessel and does not constitute an international data transfer. Vessels operate in international waters and multiple jurisdictions; however, the Ship Runtime processes data locally without transmitting it to any external service.
6. Data Retention
6.1. We retain personal data only for as long as necessary to fulfil the purposes for which it was collected or as required by law.
| Data Category | Retention Period | Rationale |
|---|---|---|
| Account data (company, contacts, vessels) | Duration of the subscription plus thirty (30) days | Required to provide the Service; 30-day grace period for data export |
| Uploaded documents | Duration of the subscription plus thirty (30) days | Required to generate Bundles; 30-day grace period for data export |
| Anonymised query analytics | Twelve (12) months from collection | Service improvement and documentation gap analysis |
| Billing records | Six (6) years from the relevant transaction | UK tax and accounting requirements |
| Support correspondence | Two (2) years from resolution | Quality assurance and dispute resolution |
| On-vessel query logs | Retained on vessel until Bundle update or manual deletion; not retained by FullFathom | Local processing only |
6.2. Upon termination of a customer's subscription, we will:
- Make all Customer data available for export for thirty (30) days;
- Delete all Customer data from our systems within thirty (30) days after the export period, unless retention is required by law;
- Confirm deletion in writing upon request.
6.3. Anonymised and aggregated data that cannot be used to identify any individual or customer may be retained indefinitely for statistical and service improvement purposes.
7. Your Rights
7.1. Under the UK GDPR and the EU GDPR, you have the following rights in relation to your personal data:
| Right | Description | GDPR Article |
|---|---|---|
| Right of access | Request a copy of the personal data we hold about you | Art. 15 |
| Right to rectification | Request correction of inaccurate or incomplete personal data | Art. 16 |
| Right to erasure | Request deletion of your personal data in certain circumstances | Art. 17 |
| Right to restrict processing | Request that we limit the processing of your personal data | Art. 18 |
| Right to data portability | Receive your personal data in a structured, commonly used, machine-readable format | Art. 20 |
| Right to object | Object to processing based on legitimate interests or direct marketing | Art. 21 |
| Right to withdraw consent | Where processing is based on consent, withdraw that consent at any time | Art. 7(3) |
| Right to lodge a complaint | Lodge a complaint with a supervisory authority | Art. 77 |
7.2. Exercising your rights. To exercise any of these rights, please contact us at privacy@fullfathom.ai. We will respond to your request within one (1) month of receipt. This period may be extended by a further two (2) months where requests are complex or numerous, in which case we will inform you of the extension within the first month.
7.3. Verification. We may need to verify your identity before processing your request. We will not charge a fee for processing your request unless it is manifestly unfounded or excessive.
7.4. Crew members. Crew members whose queries are processed by the Ship Runtime should note that the Ship Runtime does not collect personal identifiers. If a crew member believes their personal data may be incidentally contained in query logs, they should contact their employer (the shipping company), who is the data controller, to exercise their rights. FullFathom will assist the data controller in responding to such requests in accordance with our Data Processing Agreement.
7.5. Supervisory authority. You have the right to lodge a complaint with a supervisory authority. The relevant supervisory authority for the United Kingdom is:
Information Commissioner's Office (ICO)
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Website: https://ico.org.uk
Telephone: 0303 123 1113
7.6. EU-based data subjects. If you are based in the European Union, you may also lodge a complaint with your local EU supervisory authority. As FullFathom offers services to EU-based customers, we are in the process of appointing an EU representative under GDPR Article 27. Details of our EU representative will be published at https://fullfathom.ai/privacy when appointed.
8. Data Security
8.1. We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:
Technical Measures:
- Encryption at rest for all data stored in S3 object storage (AES-256)
- Encryption in transit for all data transmitted between systems (TLS 1.2 or higher)
- Encryption at rest for on-vessel SQLite databases
- Access controls and role-based permissions on the Cloud Platform
- Multi-tenant data isolation (each customer's data is logically separated)
- Automated vulnerability scanning and dependency monitoring
- Regular security patching of infrastructure and application components
Organisational Measures:
- Staff confidentiality obligations and data protection training
- Principle of least privilege for system access
- Incident response procedures
- Regular review of security measures and sub-processor compliance
8.2. Bundle security. Bundles transferred to vessels are protected by:
- SHA-256 checksum verification to detect tampering
- HTTPS with mutual TLS for over-the-air Bundle transfers
- Encryption at rest on the vessel
8.3. Breach notification. In the event of a personal data breach, we will:
- Notify the relevant supervisory authority within seventy-two (72) hours of becoming aware of the breach, where required by GDPR Article 33;
- Notify affected data controllers (customers) without undue delay, in accordance with our Data Processing Agreement;
- Notify affected data subjects where the breach is likely to result in a high risk to their rights and freedoms, as required by GDPR Article 34.
9. Cookies and Tracking
9.1. Minimal cookie use. The Cloud Platform uses only essential cookies required for the operation of the service:
| Cookie | Purpose | Duration | Type |
|---|---|---|---|
| Session cookie | Maintains your authenticated session | Duration of browser session | Strictly necessary |
| Authentication token | Clerk authentication state | As defined by Clerk | Strictly necessary |
9.2. No tracking cookies. We do not use advertising cookies, tracking pixels, social media cookies, or any third-party analytics cookies that track users across websites.
9.3. Ship Runtime.The Ship Runtime does not use cookies. It operates on the vessel's local network and does not implement any tracking or analytics technology.
9.4. Consent. As we use only strictly necessary cookies, consent is not required under the Privacy and Electronic Communications Regulations 2003 (PECR). If we introduce non-essential cookies in the future, we will obtain consent in accordance with applicable law and update this policy.
10. On-Vessel Data Processing
10.1. Local processing.The Ship Runtime processes all crew queries entirely on the vessel's local hardware. Query text is not transmitted to any external service during the question-and-answer process.
10.2. No personal identifiers. The Ship Runtime does not require user authentication. No crew names, identification numbers, ranks, or other personal identifiers are collected or stored by the Ship Runtime.
10.3. Query logs. The Ship Runtime stores query logs (question text, answer text, timestamps, and refusal status) in a local SQLite database on the vessel. These logs are used for:
- Displaying recent query history to vessel users;
- Generating anonymised analytics for fleet management.
10.4. Anonymisation before sync. When analytics data is synced from the vessel to the Cloud Platform, all data is anonymised before transmission. Only aggregate statistics (query counts, topic categories, refusal rates, response times) are transmitted. No individual query text or answer text is transmitted to the Cloud Platform.
10.5. Data subject rights.Because the Ship Runtime does not collect personal identifiers, it is generally not possible to link queries to specific crew members. If a crew member has concerns about data contained in on-vessel query logs, they should contact their employer (the shipping company), who may request access to or deletion of on-vessel query logs through FullFathom's support channels.
Note on incidental personal data
Crew members may occasionally include personal references in query text (e.g., "Captain Smith asked me to check the ballast procedure"). Such incidental references are stored only in the local on-vessel query log and are not transmitted to the Cloud Platform. We recommend that customers include guidance in crew familiarisation materials advising crew to avoid including personal names in queries where possible.
11. Children's Privacy
11.1. The Service is intended for use by professional seafarers in a commercial maritime context. We do not knowingly collect personal data from children under the age of eighteen (18). If we become aware that we have collected personal data from a child, we will take steps to delete such data promptly.
12. Changes to This Privacy Policy
12.1. We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will:
- Post the updated Privacy Policy on our website with a revised "Last Updated" date;
- Notify registered customers by email of material changes at least thirty (30) days before they take effect;
- Where required by law, obtain consent to material changes.
12.2. Your continued use of the Service after the effective date of an updated Privacy Policy constitutes acceptance of the changes.
13. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
General Privacy Enquiries:
Email: privacy@fullfathom.ai
Privacy Contact:
Richard Buckley
Email: privacy@fullfathom.ai
Postal Address:
Propel Group International Ltd (trading as FullFathom AI)
71-75 Shelton Street, Covent Garden, London, WC2H 9JQ
For Data Subject Access Requests:
Email: privacy@fullfathom.ai
Subject line: "Data Subject Access Request"