EU AI Act, audit lineage, standards coverage.

The single page for procurement, legal, and security. How Hullproof handles compliance, where standards calibration lives, what EU AI Act classification we carry, and what we are explicitly not.

EU AI Act position

Hullproof is a high-risk AI system when used in compliance contexts (EU ETS reporting, IMO CII rating, PSC inspection prep, classification-society survey input).

Every CoatingPassport carries the AI-Act classification, the model-card URI, the data-lineage URI, and an explicit review-workflow flag. The output is defensible at audit, not retrofitted to it.

Audit-grade lineage — non-negotiable

Every finding traces back to: source frames (URIs), AI model version, confidence score, supporting frame count, image quality score, and (where applicable) human-review metadata.

No finding is ever emitted without these. Stripping confidence or lineage for performance is forbidden by our internal anti-pattern list.

Multi-tenant from day one

Every passport carries a tenant_id. Tenancy is wired in at the schema layer — not retrofitted.

Tenant isolation is enforced at the Firestore read layer; cross-tenant reads are not possible through the standard API surface.

GDPR Art. 10 + automated decision-making

Findings carry explicit confidence scores. The data product is structured for human review of any safety-critical conclusion; nothing is hidden behind opaque "intelligent defaults".

Personal data is not the primary asset class; physical-asset condition data is. Where personal data appears (operator identifier, reviewer), it is minimized and tagged.

Standards coverage (per asset type)

Maritime hull / ballast tank / cargo hold: BIMCO biofouling, IMO MEPC, EU ETS Maritime, FuelEU Maritime, IMO CII.

Offshore jacket / subsea structure / pipeline: NORSOK N-005, DNV-RP-C203, DNV-RP-F101, PSA Norway §47.

Wind monopile / blade: DNV-ST-0126, IEC 61400-3, IEC 61400-5.

Bridge section / power pylon: Håndbok V441, Eurocode, AASHTO, IEC 60652, EN 50341.

Industrial tank / harbor quay: NS-EN 1992-1, API 653.

Naval hull: NATO standards on request.

Data handling defaults

Footage uploads are scoped to the tenant and retained per the tenant agreement.

Model inference is logged with cost + latency for tier calibration. Inference does not phone home with customer footage outside the tenant scope.

Customer videos and images are not used to train our models. See /trust for the consumer-data-handling commitment.

What we are not

Not a payment institution. Hullproof never holds customer funds. Stripe LIVE is used for SaaS subscriptions only; marketplace flows move directly between counterparties.

Not a fleet management system. We integrate with whatever the operator already uses (DNV Navigator, ABS Nautical Systems, BV VeriSTAR, internal stacks).

Not a hardware vendor. ROV, drone, handheld — bring whatever you have.

Where to verify

CoatingPassport JSON Schema: /api/mcp/schema/coating-passport

OpenAPI 3.1+ spec: /api/openapi

Live demo passports: /demo/<asset-type>

Every demo passport carries the same lineage + confidence + standards-array structure that production passports do.

Need a procurement pack?

For procurement teams asking for SIG / VSA / VPAT, a DPA, a sub-processor list, or an EU AI Act conformity-assessment dossier, we package these on request, scoped to your engagement.