Acceptable Use.

What Romp does

Romp is a defensive security platform that performs reconnaissance, vulnerability probing, dynamic application security testing (DAST), and system hardening audits. These same techniques are used by attackers. The line between defense and crime is authorization — nothing else.

Why this policy exists

The techniques Romp uses for defense — reconnaissance, vulnerability probing, traffic analysis — are the same techniques used in attacks. The distinction between defensive work and a criminal offense is authorization. Without it, scanning carries serious consequences in most jurisdictions: civil liability, criminal charges, and in some cases imprisonment.

This policy exists to make those boundaries clear before installation. Romp may not be used to:

• scan systems you are not authorized to test,
• conduct unsolicited penetration testing,
• access data, credentials, or accounts that are not yours,
• disrupt third-party services,
• or engage in any conduct prohibited by the statutes listed below.

If your intended use does not align with this policy, please do not install Romp. A purchased license confers no legal protection, and J&G Studios LLC has no interest in selling Romp to anyone whose intent is to misuse it.

A customer in prison is a customer lost. We would rather decline a sale than see Romp misused.

Authorized targets

• Systems and networks you personally own.
• Systems and networks owned by your employer, where your role includes security testing or your employer has given you written authorization for the specific tests you intend to run.
• Third-party systems for which you hold a current written engagement — pentest contract, bug-bounty program scope, CTF challenge, or research authorization signed by the system owner.
• Public test targets explicitly designated by their operators for unrestricted scanning (e.g. scanme.nmap.org, HackTheBox, OWASP Juice Shop, official CTF infrastructure).

Unauthorized targets

You may not use Romp to scan, probe, or fingerprint:

• Any system, network, application, or service that you do not own and have not received written authorization to test.
• Internet infrastructure (ISPs, DNS roots, CDNs, public services) that you don’t operate.
• Government, military, or critical infrastructure systems unless you are formally engaged to test them.
• Systems belonging to people who said no, or who never said anything at all.

Legal context

Unauthorized access to or scanning of a computer system you don’t own is a crime in most countries. Examples:

• United States: Computer Fraud and Abuse Act — 18 U.S.C. § 1030. Civil and criminal liability, including imprisonment.
• United Kingdom: Computer Misuse Act 1990, sections 1–3.
• European Union: Directive 2013/40/EU on attacks against information systems, transposed into each member state’s criminal code.
• Canada: Criminal Code §342.1 — unauthorized use of computer.
• Australia: Criminal Code Act 1995, Part 10.7 (introduced by the Cybercrime Act 2001).

This list is not exhaustive. Your jurisdiction almost certainly criminalizes unauthorized scanning. If you’re not sure whether a target is authorized, treat it as not authorized.

Your responsibility

By installing or using Romp, you accept full responsibility for every scan you initiate. J&G Studios LLC provides the software for defensive security work and does not monitor or control how it is used. If there is any doubt about whether a target is authorized, treat it as not authorized and obtain written permission from the system owner before proceeding.

License termination

Using Romp against systems you are not authorized to test is a material breach of the Romp Software License and terminates your right to use the software. Termination does not relieve any independent civil or criminal liability arising from the conduct that caused termination.

Reporting misuse

If your systems have been scanned by someone using Romp without authorization, contact abuse@jandgstudios.fun with logs and timestamps. Each report is investigated. Where warranted, J&G Studios LLC will revoke the offender’s license and respond to lawful requests from authorities.