How soon must a Beggars Pizza franchisee notify the franchisor of a cyber-event?

According to Beggars Pizza's 2025 Franchise Disclosure Document, a franchisee must notify Beggars Pizza immediately, but no more than three business days, after becoming aware of a cyber-event, identity theft, or theft of personal information related to any customer or employee, or related to the restaurant itself.

This requirement ensures that Beggars Pizza can take swift action to mitigate any potential damage resulting from a data breach. This includes providing notice to affected customers and employees, as directed by Beggars Pizza. The franchisee is obligated to comply with data security standards like PCI DSS and FACTA, as well as all applicable laws and the franchisor's security policies.

For a prospective Beggars Pizza franchisee, this means implementing robust data protection measures and having a clear protocol in place for identifying and reporting security incidents. Failure to promptly report a cyber-event could result in penalties or other repercussions from Beggars Pizza. Franchisees should also be prepared to provide immediate notice to customers and employees if directed by Beggars Pizza, which could involve significant administrative and public relations efforts.

This type of clause is increasingly common in franchise agreements, reflecting the growing importance of data security and the potential for significant financial and reputational damage from cyber-attacks. Franchisees should carefully review the data security requirements outlined in the Franchise Agreement and ensure they have adequate systems and procedures in place to comply.