Trust & Compliance

Procurement-ready security, GDPR by default.

Everything your IT, security and procurement teams need to evaluate GreenHulls — hosting, encryption, certifications, insurance, incident response and data portability — in one place.

Reference document: GH-TN-305-001 — Vendor Trust & Compliance Pack, Rev A. Full pack available on request.

Security Pillars

Six controls every buyer asks about.

EU Data Residency

All customer data hosted in Frankfurt, Germany (eu-central-1). UK GDPR & DPA 2018 compliant.

Encryption Everywhere

TLS 1.3 in transit, AES-256 at rest across Postgres and managed object storage.

SOC 2 Type II Providers

Vercel, Supabase and Railway — independently certified, running on AWS ISO 27001 infrastructure.

MFA & Secret Hygiene

Mandatory MFA on every admin console. Secrets held as provider env vars — never in source.

Zero OT/ICS Integration

Sandboxed client apps. No physical connection to vessel control, drilling or ICS networks.

Immutable Audit Trail

Time-stamped digital approvals tied to authenticated users — tamper-evident for regulators.

Incident Response (Best Efforts)

Clear SLAs, no surprises.

Priority | Description | Target initial response
P1 — Critical | System offline or inaccessible for all users. | 4 business hours
P2 — High | Major feature broken, significant workflow impact. | 1 business day
P3 — Normal | Minor defect, workaround available. | Next business day

Support hours: Monday–Friday, 09:00–17:00 UK time, excluding UK public holidays.

Corporate & Insurance

Who you're buying from.

GreenHulls and its directors are in good legal and financial standing, with no history of criminal convictions or regulatory enforcement actions, and no material pending litigation, regulatory proceedings or disqualification orders.

Strict adherence to international trade sanctions — no business with entities on UK, EU or US sanctions lists.

Legal entity: GreenHulls Ltd
Company number: SC878412 (Companies House, Scotland)
Headquarters: Aberdeen, United Kingdom
Cyber liability cover: £1,000,000 (Lloyd's — CFC Syndicate 1988)
Data residency: EU (Frankfurt, Germany — eu-central-1)
Certifications: UK Cyber Essentials (in progress)

Data Handling & Your Rights

You own your data. We process it proportionately.

What we process

  • Basic user accounts (name, corporate email, role)
  • Client-provided procedures & marine ops manuals
  • Workflow data (checklists, timestamps, GAR, signatures)
  • External AIS telemetry feeds
  • Operational media (vessel photos, PDF reports)

What we never touch

  • Vessel control / ICS / drilling control systems
  • Financial systems or ERP
  • HR systems
  • Client core IT/OT infrastructure
  • Identifiable cross-client benchmarking data

UK GDPR rights supported: access, rectification, erasure, portability, restriction and objection. Requests via info@greenhulls.com.

Frequently Asked Questions

The questions buyers, IT and procurement always ask.

Is GreenHulls GDPR compliant?

Yes. GreenHulls is fully compliant with the UK GDPR and the Data Protection Act 2018. All customer data is hosted within the EU (Frankfurt, Germany — eu-central-1) to ensure data sovereignty. A standard Data Processing Agreement (DPA) is available on request.

Where is GreenHulls data hosted?

The GreenHulls SOMS platform is hosted with managed cloud providers: Vercel (web frontend), Supabase (Postgres database, file storage and realtime services) and Railway (AIS data ingestion). The Supabase project is provisioned in the EU (Frankfurt, Germany, eu-central-1) region, keeping all customer data within the EU and within GDPR scope.

Is GreenHulls SOC 2 certified?

GreenHulls inherits SOC 2 Type II controls from its certified providers — Vercel, Supabase and Railway are independently certified to SOC 2 Type II. Vercel and Supabase run on AWS enterprise-grade data centres certified to ISO 27001 and SOC 1/2/3. GreenHulls is currently preparing for UK Cyber Essentials certification.

How does GreenHulls encrypt data?

All data in transit is encrypted using TLS 1.2 or higher (TLS 1.3 negotiated by default). Data at rest is encrypted using AES-256 — Supabase Postgres uses AWS-managed AES-256 disk encryption, and all object storage (vessel photos, PDF reports) is AES-256 encrypted on managed object storage.

Does GreenHulls integrate with vessel OT or ICS networks?

No. GreenHulls operates completely out of scope of client core IT/OT infrastructure. The client app is fully sandboxed with zero local network integration. External data feeds (AIS, weather) are ingested cloud-to-cloud via secure read-only APIs — there is no direct physical connection to vessel Operational Technology (OT), drilling control systems, or ICS networks.

What insurance cover does GreenHulls hold?

GreenHulls holds £1,000,000 of Cyber Liability cover including Cyber Extortion, System Damage, Business Interruption and Loss Mitigation, underwritten by Lloyd's of London (CFC Syndicate 1988).

What are GreenHulls' incident response SLAs?

Best-efforts targets: P1 Critical (system offline) — 4 business hours initial response. P2 High (major feature broken) — 1 business day. P3 Normal — next business day. Support hours are Monday–Friday, 09:00–17:00 UK time, excluding UK public holidays.

Can I export my data from GreenHulls?

Yes. Client data is never locked in. Authorised administrators can request a complete export of user and operational data at any time. Upon contract termination, all client data is securely deleted within 30 days. For enterprise clients, GreenHulls is willing to establish a Source Code Escrow agreement to ensure business continuity.

How is administrative access controlled?

Administrative access to all provider consoles (Vercel, Supabase, Railway, GitHub) is secured with strong passwords and mandatory multi-factor authentication (MFA). Service credentials and third-party API keys are held only as provider-side environment variables and are never committed to source control or embedded in client builds. Per-user SAML 2.0 SSO is on the roadmap ahead of general release.

Does GreenHulls work offline at sea?

Yes. The platform is built for intermittent connectivity. Sandboxed client apps maintain an encrypted offline cache for active workflow data and selectively cached reference documentation, syncing securely back to the EU-hosted cloud when connectivity is restored.

Join the SOMS waitlist

Be the first to deploy GreenHulls across your fleet. Early partners get prioritised onboarding and influence over the module roadmap.