What is the ongoing requirement for a Bambu franchisee regarding PCI DSS compliance?
Bambu Franchise · 2025 FDDAnswer from 2025 FDD Document
Franchisee must accept credit and debit cards from customers of its Bambū shoppe for all transactions in any amount.
Franchisee shall use Bambu's designated POS System and credit card merchant service provider.
The Payment Card Industry ("PCI") requires all companies that process, store, or transmit credit or debit card information to protect the cardholders' information by complying with the PCI Data Security Standard ("PCI DSS").
Therefore, Franchisee shall be PCI compliant by following and adhering to then-current PCI DSS, currently found at www.pcisecuritystandards.org, or any similar or subsequent standard for the protection of cardholder data throughout the term of this Agreement.
Franchisee's Bambū shoppe shall be in compliance with PCI DSS at all times.
Source: Item 23 — Receipts (FDD pages 52–209)
What This Means (2025 FDD)
According to Bambu's 2025 Franchise Disclosure Document, a franchisee must adhere to Payment Card Industry Data Security Standards (PCI DSS) throughout the term of their Franchise Agreement. Bambu franchisees are required to accept credit and debit cards for all transactions, regardless of the amount. To facilitate this, franchisees must use Bambu's designated Point of Sale (POS) system and credit card merchant service provider.
The Payment Card Industry mandates that all companies that handle credit or debit card information must protect cardholder data by complying with PCI DSS. Therefore, a Bambu franchisee must maintain PCI compliance by following the current PCI DSS, found at www.pcisecuritystandards.org, or any similar standard designed to protect cardholder data.
In practical terms, this means a Bambu franchisee must implement and maintain security measures to protect cardholder data, such as firewalls, encryption, and regular security assessments. Failure to comply with PCI DSS can result in fines, penalties, and even the loss of the ability to process credit card payments, which could significantly impact the business. Therefore, maintaining continuous compliance is a critical operational requirement for all Bambu franchisees.