factual

What must an Auntie Annes franchisee do if they learn of a 'Data Breach'?

Auntie_Annes Franchise · 2024 FDD

Answer from 2024 FDD Document

require you to provide, or make available, to us copies of any audits, scanning results, or related documentation relating to such compliance or audits. We may charge a reasonable fee for us to review your systems and verify your compliance with these requirements. If you suspect or know of a security breach, you must immediately give us notice of such security breach and promptly identify and remediate the source of any compromise or security breach at your expense. You assume all responsibility for providing all notices of breach or compromise and all duties to monitor credit histories and transactions concerning customers of the Franchised Business.

  • 12.3 Data Breach Notification. If you learn of an incident that may be a "breach of the security of the system" under Cal. Civ. Code § 1798.82 or any other data breach notification Law, you must immediately notify us of the facts that are known about the incident (a "Data Breach"). Although you are responsible for complying with all data breach notification Laws and standards applicable to your organization, we expect that you will coordinate with us regarding such incidents where notification to individuals is required before individuals are notified so that we can be aware of and be prepared to address issues that may affect the System and be in a position to support you where possible.

Source: Item 22 — CONTRACTS (FDD page 106)

What This Means (2024 FDD)

According to Auntie Annes's 2024 Franchise Disclosure Document, if a franchisee learns of an incident that may be a "breach of the security of the system" under Cal. Civ. Code § 1798.82 or any other data breach notification Law, they must immediately notify Auntie Annes of the facts that are known about the incident, which is termed a "Data Breach".

While the franchisee is responsible for complying with all data breach notification Laws and standards applicable to their organization, Auntie Annes expects franchisees to coordinate with them regarding such incidents where notification to individuals is required before individuals are notified. This coordination is expected so that Auntie Annes can be aware of and prepared to address issues that may affect the System and be in a position to support the franchisee where possible.

In the event of an actual or suspected Data Breach, the franchisee grants Auntie Annes and its designees and agents the right to conduct an investigation of the incident. This includes the right to install, run, and maintain any hardware, software, or code on the franchisee's Computer System or in their computer network necessary or advisable to facilitate the investigation and to contain and remediate the incident. The franchisee agrees to cooperate with Auntie Annes and to provide them with any access and information they may reasonably request for those purposes. The franchisee is responsible for any costs or financial losses they incur or remedial actions that they must take as a result of an actual or suspected Data Breach.

Disclaimer: This information is extracted from the 2024 Franchise Disclosure Document and is provided for research purposes only. It does not constitute legal or financial advice. Consult with a franchise attorney before making any investment decisions.
All Auntie_Annes 2024 FAQs Ask FDD Ninja