factual

Does IHG have access to Atwell Suites franchisee data, and is this considered a breach of obligations?

Atwell_Suites Franchise · 2025 FDD

Answer from 2025 FDD Document

ial Information belonging to or received from IHG or one of its Affiliates;

  • 6.2.2 (b) was lawfully acquired by Licensee from a third party having the legal, unconditional right to furnish same to Licensee; or
  • 6.2.3 (c) was at the time in question (whether at disclosure or thereafter) generally known by or available to the public (through no fault of Licensee).
  • 6.3 Required Disclosures. These confidentiality obligations will not restrict any disclosure required by applicable law, provided that Licensee gives prompt notice to IHG of any such legal requirement and reasonably cooperates with IHG at IHG request and expense to resist such legal requirement or to obtain a protective order.

7. Security Practices.

  • 7.1 Licensee understands that IHG and its Affiliates will have access to certain reports and information relating to the Hotel and generated through the use of the Curated Solutions, including information relating to revenues, room occupancy, and availability, as well as Personal Data. Licensee and the Hotel shall, and Licensee shall cause its Agents to, comply with:
    • 7.1.1 all applicable laws, including the Data Privacy Laws and contractual obligations, and any requirements of the credit card processing industry, including PCI DSS and any successor standard,
    • 7.1.2 all Standards, and
    • 7.1.3 all IHG policies, requirements, and requests concerning access to any Curated Solution, network connectivity, and transmission of data and reports to IHG and its Affiliates.
  • 7.2 Licensee shall be responsible for ensuring adequate security and backup procedures to avoid unauthorized access to, use of, or inadvertent loss of data and shall, in its discretion, determine appropriate security, which shall be no less than the standard of care in the industry. Without limiting Licensee's obligations set forth in subparts 7.1.1, 7.1.2 and 7.1.3 above, Licensee will comply with any additional security and data protection practice requirements that IHG will provide to Licensee in writing, which may be updated from time to time (the "Security Practices"). IHG may, in its sole discretion, amend the Security Practices at any time without prior notice (each, a "Security Practices Update"). A Security Practices Update may include additional terms and conditions, including the additional obligations of Licensee. Licensee will comply with any Security Practices Update within thirty (30) days following the date of the Security Practices Update and will comply with any changes to applicable laws, contractual obligations, and industry requirements (including PCI DSS and any successor standard) within the time period provided by such law or industry requirement.

8. PRIVACY AND DATA PROTECTION.

  • 8.1 Core Services and Optional Services.

Source: Item 23 — Receipts (FDD pages 99–486)

What This Means (2025 FDD)

According to Atwell Suites's 2025 Franchise Disclosure Document, IHG and its affiliates will have access to certain reports and information relating to the hotel. This includes data generated through the use of curated solutions, such as information relating to revenues, room occupancy, availability, as well as personal data. The franchisee is obligated to comply with all applicable laws, data privacy laws, contractual obligations, standards, and IHG policies concerning access to any curated solution, network connectivity, and transmission of data and reports to IHG and its affiliates.

The franchisee is responsible for ensuring adequate security and backup procedures to avoid unauthorized access, use, or inadvertent loss of data, and must determine appropriate security measures, which should be no less than the standard of care in the industry. Franchisees must also comply with any additional security and data protection practice requirements that IHG provides in writing, which may be updated from time to time. Compliance with these security practice updates is required within thirty days following the date of the update, as well as compliance with any changes to applicable laws, contractual obligations, and industry requirements within the time period provided by such law or industry requirement.

Furthermore, the hotel grants FreedomPay a perpetual, nonexclusive license to store, copy, and use hotel data to the extent necessary to perform its obligations and comply with applicable law, and to use and disclose hotel aggregated data for FreedomPay's business purposes. IHG shall have full access to the transactions and data processed on behalf of the hotel by FreedomPay, including the hotel data. This data and information may include names, services purchased, usage, billings, payment status, payment card data, and other information related to IHG's management of the service relationship with FreedomPay. Therefore, IHG's access to franchisee data is not considered a breach of obligations but rather a defined and agreed-upon aspect of the franchise agreement, provided that all data privacy and security measures are adhered to.

Disclaimer: This information is extracted from the 2025 Franchise Disclosure Document and is provided for research purposes only. It does not constitute legal or financial advice. Consult with a franchise attorney before making any investment decisions.
All Atwell_Suites 2025 FAQs Ask FDD Ninja