Trust Centre
Trust is at the core of Sea. The Sea Trust Centre ensures transparency, security, and accountability, protecting your data with industry-leading measures and ethical practices.
We take security seriously, with rigorous data protection protocols and ISO 27001 certification to safeguard your information as the maritime industry evolves digitally.
Our approach aligns with GDPR and other regulations, using encryption, IP protection, and Single Sign-On (SSO) to keep your data secure.
Sea group companies
Our commitment to strong governance ensures that we operate with integrity and accountability across all our business processes. Learn more about our structure and the governance policies that underscore ethical performance.
Sea and its relationship to the Clarksons group
Sea operates as an independently managed shipping software business within Clarkson PLC, with clear operational boundaries to ensure separation from other Clarkson divisions, including broking. Our approach to data security and confidentiality is backed by ISO 27001 certification and reinforced through comprehensive legal protections within customer licensing agreements.
Key measures include:
- Operational independence: Sea’s support teams and developers are staffed and located separately from other Clarkson businesses.
- Data ownership: Customers retain complete ownership of their data.
To explore our commitment to information security and data integrity, download the full whitepaper on how we handle our customers’ data below.
At Sea, we prioritise engaging key stakeholders in decision-making processes and fostering open dialogue and collaboration to align our practices with client and partner expectations. This approach strengthens trust and reinforces our commitment to ethical leadership and sound governance.
Security & privacy
Supported by ISO 27001, we apply rigorous measures to protect your data and meet international benchmarks.
Our end-to-end security framework
- Fortified network access with web application firewall: Access to the production environment is tightly controlled. Our Enterprise WAF blocks and prevents the latest emerging threats, providing our network layer security for all of our applications.
- Data encryption: We implement industry-standard encryption to protect your data. All data in transit is securely encrypted, followed by rigorous encryption standards to protect data at rest, ensuring confidentiality at all stages.
- Real-time infrastructure monitoring: Our systems are continuously monitored for unusual or unauthorised activity. Monitoring is active across all environments, enabling rapid identification and response to potential threats.
- Robust access control and accountability: Administrative access is tightly governed through enforced multi-factor authentication (MFA), granular permissioning, and approval workflows. All privileged actions are logged in detail and subject to auditing, ensuring full visibility and accountability across the platform.
- Independent certification and expert validation: We’ve held ISO 27001 certification since 2019, underscoring our commitment to the highest security standards. Additionally, our systems undergo rigorous penetration testing by a globally leading CREST-accredited firm, ensuring they remain resilient against emerging threats.
- Secure development by design: Our software is built in adherence to the Secure Software Development Lifecycle (SSDLC), embedding security at every stage. From planning to deployment, we apply strict controls, regular reviews, and automated testing to identify and mitigate risks before they reach production.
Privacy
We take your privacy seriously. Please see our privacy policy for further information on how we handle personal data, ensuring compliance with global standards.
Safeguarding data with advanced security protocols
At Sea, our security tools are designed to give you uncompromised control and transparency over your data. You can confidently protect your sensitive information with our advanced protection features, including:
- Sea implements Single Sign-On (SSO) as a default feature for all clients.
- Two-Factor Authentication (2FA) is mandatory for secure access.
- Data Loss Prevention (DLP) systems are actively deployed across the organisation to detect, control and alert on potential breaches involving sensitive or restricted data.
