In the event of a Data Security Breach, does Augusta Lawn Care have an obligation to respond?
Augusta_Lawn_Care Franchise · 2025 FDDAnswer from 2025 FDD Document
You shall use your best efforts to protect your customers against any and all data breaches and cyber-events, including, without limitation, identity theft or theft of personal information (a "Data Security Breach"). If a Data Security Breach occurs, in the interest of protecting the goodwill associated with the Augusta Lawn Care brand and franchise system, Augusta Lawn Care hereby reserves the right to (but does not undertake the obligation to) directly or through its designee, perform or control any and all aspects of the response to such Data Security Breach, including, without limitation, the investigation, containment and resolution of the event and all communications with the franchise system, vendors and suppliers, customers, law enforcement agencies, regulatory authorities and the general public. You hereby acknowledge and agree that a Data Security Breach and/or any response to a Data Security Breach may impact operations of the Business, including, without limitation, interruption in operations. You hereby acknowledge and agree that neither Augusta Lawn Care nor any of its parents, affiliates, subsidiaries, owners, officers, directors, or employees shall be liable to You for any damages arising out of or resulting from any Data Security Breach or any action or inaction in response to a Data Security Breach. You shall at all times be compliant with all Payment Card Industry Data Security Standards, any and all requirements imposed by all applicable payment processors and payment networks, including credit card and debit card processors, and any and all state and federal laws, rules and regulations relating to data privacy, data security and security breaches. You hereby acknowledge and agree that if Augusta Lawn Care engages or designates a third party service provider to administer a data security program, you will be required to comply with the requirements of such service provider. It is your responsibility to ensure that you operate the Business at all times in compliance with all aforementioned laws, rules, regulations and requirements and you are strongly encouraged to engage legal, and data security professionals, including insurance providers to ensure your full compliance and adequate protection.
Source: Item 23 — RECEIPTS (FDD pages 44–184)
What This Means (2025 FDD)
According to Augusta Lawn Care's 2025 Franchise Disclosure Document, franchisees are responsible for protecting customer data against breaches and cyber-events. While Augusta Lawn Care reserves the right to respond to a data security breach to protect its brand's goodwill, it is not obligated to do so.
Specifically, Augusta Lawn Care can choose to perform or control the response to a data security breach, including investigation, containment, resolution, and communications with various parties. However, the document explicitly states that Augusta Lawn Care does not undertake the obligation to do so.
The FDD also clarifies that neither Augusta Lawn Care nor its affiliates will be liable for any damages arising from a data security breach or any action or inaction in response to such a breach. Franchisees must comply with Payment Card Industry Data Security Standards, payment processor requirements, and all data privacy laws. Franchisees are encouraged to seek legal and data security professionals to ensure compliance and protection.
This means that as an Augusta Lawn Care franchisee, you bear the primary responsibility and cost for data security and breach response. While Augusta Lawn Care may step in, it is not required, and you cannot hold them liable for damages resulting from a breach. Therefore, it is crucial to invest in robust data security measures and have a comprehensive breach response plan in place.