What is the immediate action a Belocal franchisee must take upon discovering a Security Breach?
Belocal Franchise · 2025 FDDAnswer from 2025 FDD Document
In addition, if Franchisee becomes aware of any actual or suspected unauthorized access, processing, loss, use, disclosure, alteration, destruction, transfer, or other compromise or acquisition of or access to any Personal Information, whether such information is stored in paper or electronic form, or information that might reasonably expose Franchisor to any harm or prejudice of any type or actual or suspected intrusion by an unauthorized third party into Franchisee's or Franchisor's computers, networks, servers, IT resources, or paper files ("Security Breach"), Franchisee shall immediately notify the Franchisor via telephone of such matter and shall thereafter cooperate with Franchisor to investigate and remedy such matter.
Except to the extent required by applicable law, no public disclosure of any instance of such unauthorized access or breach shall be made by Franchisee unless Franchisor has authorized the provision of notice and the form of such notice in writing.
Source: Item 22 — CONTRACTS (FDD page 71)
What This Means (2025 FDD)
According to Belocal's 2025 Franchise Disclosure Document, a franchisee's immediate action upon discovering a Security Breach is to notify Belocal via telephone. A Security Breach is defined as any unauthorized access, processing, loss, use, disclosure, alteration, destruction, transfer, or other compromise of Personal Information, whether stored in paper or electronic form. It also includes any suspected intrusion by an unauthorized third party into the franchisee's or Belocal's computers, networks, servers, IT resources, or paper files.
Following the initial notification, the franchisee is obligated to cooperate with Belocal in the investigation and remediation of the Security Breach. This cooperation is essential for Belocal to understand the scope of the breach and to implement appropriate measures to contain it and prevent future occurrences. The franchisee's role in this process is critical, as they have direct knowledge of their own systems and procedures.
The Belocal franchisee is restricted from making any public disclosure regarding the Security Breach unless Belocal provides written authorization, including the specific form of notice. This provision ensures that Belocal maintains control over public messaging and can coordinate a consistent and accurate response to the incident. This is a common practice in franchising to protect the brand's reputation and manage public perception during a crisis.
Furthermore, the franchisee may be financially responsible for costs incurred by Belocal due to the Security Breach if it was directly or indirectly caused by the franchisee, its principals, or its independent staff. These costs can include expenses related to notifications, communications, IT consultants, public relations, legal and accounting fees, and credit reporting services. This highlights the importance of franchisees maintaining robust data protection and security measures to prevent breaches and minimize potential financial liabilities.