What must an Azal Coffee franchisee do if they detect a data breach?
Azal_Coffee Franchise · 2024 FDDAnswer from 2024 FDD Document
If you detect or are notified of a data breach involving the data of your customers ("Data Breach"), you must immediately notify us of the Data Breach. You must cooperate with us in investigating and halting the Data Breach, including giving us access to your information technology systems. We will have the right to name legal counsel to deal with the Data Breach and to control media communications relating to the Data Breach. You must not make any public statements about the Data Breach without our approval. You must indemnify us and hold us harmless for all claims and costs, including attorneys' fees, incurred by us as a result of any Data Breach that is your responsibility.
Source: Item 22 — CONTRACTS (FDD page 51)
What This Means (2024 FDD)
According to Azal Coffee's 2024 Franchise Disclosure Document, franchisees have specific obligations in the event of a data breach involving customer data. If a franchisee detects or is notified of a data breach, they must immediately inform Azal Coffee. The franchisee is required to cooperate with Azal Coffee in the investigation and resolution of the breach, including providing access to their information technology systems.
Azal Coffee retains the right to appoint legal counsel to manage the data breach and control any media communications related to the incident. The franchisee is prohibited from making any public statements about the data breach without prior approval from Azal Coffee. This measure is likely to ensure consistent messaging and protect the brand's reputation.
Furthermore, the franchisee is obligated to indemnify Azal Coffee and hold them harmless from all claims and costs, including attorney's fees, that Azal Coffee incurs as a result of any data breach that is the franchisee's responsibility. This highlights the importance of franchisees maintaining robust data security measures and complying with all applicable laws and industry standards, such as the Payment Card Industry Data Security Standard Requirements.