Who must a Belocal franchisee notify in the event of a Security Breach?

According to Belocal's 2025 Franchise Disclosure Document, a franchisee must immediately notify Belocal if they become aware of any actual or suspected Security Breach. A Security Breach is defined as any unauthorized access, processing, loss, use, disclosure, alteration, destruction, transfer, or other compromise or acquisition of or access to any Personal Information, whether stored in paper or electronic form. It also includes any information that might reasonably expose Belocal to any harm or prejudice or any actual or suspected intrusion by an unauthorized third party into the franchisee's or Belocal's computers, networks, servers, IT resources, or paper files. The notification must be made via telephone.

Following the initial notification, the franchisee is required to cooperate with Belocal to investigate and remedy the Security Breach. This cooperation is essential for Belocal to take appropriate steps to contain the breach, assess its impact, and implement measures to prevent future occurrences. The franchisee's role in this process is critical, as they are often the first point of contact in identifying and reporting the breach.

The FDD also stipulates that the franchisee cannot make any public disclosure of the Security Breach unless Belocal has authorized the provision of notice and the form of such notice in writing, except to the extent required by applicable law. This provision ensures that Belocal maintains control over the messaging and public relations aspects of the breach, which is important for protecting the brand's reputation and managing potential legal liabilities. Franchisees are also responsible for reimbursing Belocal for all reasonable Notification and Remediation Related Costs incurred by Belocal arising out of or in connection with any such Security Breach that is directly or indirectly caused by Franchisee, its Principals, and its Independent Staff.