Security & Compliance
Built for safety-critical environments
Full Fathom AI is designed from the ground up for maritime operations where accuracy, privacy, and auditability are non-negotiable.
All inference happens onboard
When a crew member asks a question, the question never leaves the vessel. The AI model runs locally. The search runs locally. The answer is generated locally.
There is no cloud processing of queries, no data transmitted during use, and no external API calls. The onboard system operates completely independently once the knowledge bundle is loaded.
This is not a design choice made for convenience. In safety-critical offshore environments where connectivity is unreliable and data sovereignty matters, local processing is the only architecture that makes sense.
No crew data collected
Query logs store the question text and the system's response. Nothing else. No usernames, no device identifiers, no session tracking, no personally identifiable information of any kind.
When logs are optionally synced to shore for fleet analytics, they contain only anonymous question-answer pairs. There is no way to trace a query back to an individual crew member.
This design is intentional. Crew must feel comfortable asking any question without concern that their queries are being monitored or attributed to them individually.
Bundle integrity verification
Every knowledge bundle is checksummed end-to-end using SHA-256. The onboard system verifies the checksum before applying any update.
If verification fails, the update is rejected and the previous bundle continues operating. There is no partial update state. The system either applies a verified bundle or keeps running on the existing one.
Automatic rollback ensures that a corrupted transfer, whether via VSAT, port broadband, or USB, never results in degraded onboard capability.
Your data stays yours
Each company's data is fully isolated on the cloud platform. Multi-tenant architecture with strict tenant boundaries ensures no cross-company access is possible.
No shared models. No training on your data. Your procedures are used to build your fleet's knowledge base and nothing else. When you delete a document, it is permanently removed from all systems.
We do not sell, share, or use customer documentation for any purpose other than generating the knowledge bundles you requested.
Compliance alignment
Full Fathom AI supports compliance with the regulatory frameworks that govern maritime operations.
ISM Code
The ISM Code requires documented procedures for key shipboard operations (Section 6), emergency preparedness (Section 7), and maintenance of documentation and records (Section 12). Full Fathom AI makes compliance demonstrable. Every query is logged, every answer cites the source document, and every interaction is evidence that the SMS is being actively used.
GDPR Considerations
No personally identifiable information is collected in query logs. Onboard processing means crew queries never leave the vessel. Shore-side analytics contain only anonymous question-answer pairs. Data is stored within the jurisdiction specified by your account configuration, and deletion requests are honoured immediately and permanently.
Security architecture
Two completely independent systems. Shore-side handles document processing. Ship-side handles all inference, fully offline.
Shore Side (Cloud)
Web Dashboard
Authenticated access for fleet managers
Document Processor
Parse, chunk, and embed uploaded files
Bundle Builder
Package knowledge into deployable artifact
Fleet Analytics
Anonymous query intelligence dashboard
Tenant Isolation
Strict multi-tenant data boundaries
Ship Side (Offline)
Local AI Model
Runs entirely onboard, no internet required
Vector Search Engine
FAISS index for semantic document search
Citation Engine
Enforces source attribution on every answer
Refusal System
Declines to answer when evidence is insufficient
Bundle Verifier
SHA-256 checksum with automatic rollback
Bundle Transfer Only
VSAT / Port / USB -- One-way, verified, no query data
0
External API calls during inference
0
PII fields in query logs
SHA-256
Bundle checksum verification
100%
Tenant data isolation
Questions about security?
We are happy to discuss our security architecture in detail, provide documentation for your IT team, or schedule a technical walkthrough.