ARUME Term of Service Agreement.
This Terms of Service Agreement ("Agreement") sets forth the legally binding terms for your use of the ARUME website at www.arume.org and any ARUME products, services, or tools ("Services"). By accessing or using the Services, you agree to be bound by these Terms.
Permitted Uses
You may use the Services only for purposes of researching vulnerabilities in critical infrastructure systems for legitimate security analysis, education, and protection purposes as aligned with ARUME's non-profit mission.
Prohibited Uses
When using ARUME Services, you may not engage in activities that are illegal, could enable harm to infrastructure systems, violate others' privacy or intellectual property rights, enable security exploits, or are
otherwise unauthorized. Specifically, you may not attempt any unauthorized access, usage, modification or disruption of critical systems.
Vulnerability Data
All vulnerability scan data is for informational and educational purposes only. ARUME is not responsible for how users access or utilize this data. Scan results only reflect systems directly accessible online at the
time of scanning. ARUME makes no guarantees that all vulnerable systems are identified. We make reasonable efforts to ensure our services perform as intended, but cannot guarantee they will meet your needs or find
all vulnerabilities. Use of ARUME is at your own risk.
Ownership Information
Ownership information displayed is based on public records and may not always reflect current ownership status. ARUME is not liable for inaccuracies.
Authorization for Access
User searches of our database do not constitute authorization to access any systems displayed without owner permission. Unauthorized access may be illegal.
Compliance with Mission
By using our Services, you agree to utilize ARUME data solely for legitimate security research or protection purposes as described in our mission statement and not to enable harm.
Non-Disclosure of Sensitive Details
ARUME will not include sensitive details like IP addresses or credentials in any public scan reports that could enable malicious exploits.
Liability Waiver
By using the Services, you agree to waive any claims against ARUME relating to consequences, provided we comply with this Agreement. ARUME shall not be liable for damages. We are not responsible for damages arising
from use or misuse of our data and reports.
Compliance with Laws
You must comply with all applicable laws in connection with accessing or using the Services.
Personal Information Collected
We may collect personal information like your name, organization, email, phone number, or other details voluntarily provided during signups, correspondence, vulnerability reports, or when purchasing services.
How Your Information Is Used
We use personal information to facilitate services, respond to inquiries, send receipts/updates, improve our offerings, and comply with legal obligations like vulnerability reporting. We do not share or sell personal
data with any third parties except as may be required by law or valid legal process.
Data Retention
We will retain personal information as long as needed to fulfill the purposes for which it was collected or as required by law for legitimate purposes like response audits. This period is usually no longer than 5
years after last contact or purchase.
Security Measures
We use appropriate technical and organizational security measures to protect any data provided. However, due to risks in internet transmission and external factors, we cannot fully guarantee security.
Amendments and Termination
ARUME reserves the right to modify or terminate this Agreement and your access as needed at any time.