What are the immediate notification requirements for a Body20 franchisee if there is a suspected breach of customer information security?
Body20 Franchise · 2025 FDDAnswer from 2025 FDD Document
You must comply with our System Standards, other directions from us, and all Applicable Laws regarding the organizational, physical, administrative and technical measures and security procedures to safeguard the confidentiality and security of Customer Information on your Technology System or otherwise in your possession or control and, in any event, employ reasonable means to safeguard the confidentiality and security of Customer Information. "Customer Information" means names,
contact information, financial information and other personal information of or relating to the Studio's customers and prospective customers. If there is a suspected or actual breach of security or unauthorized access involving your Customer Information, you must notify us immediately after becoming aware of such actual or suspected occurrence and specify the extent to which Customer Information was compromised or disclosed. You are responsible for any financial losses you incur or remedial actions that you must take as a result of a breach of security or unauthorized access to Customer Information in your control or possession.
Source: Item 23 — RECEIPT (FDD pages 74–251)
What This Means (2025 FDD)
According to Body20's 2025 Franchise Disclosure Document, franchisees have specific responsibilities regarding customer information. Customer Information is defined as names, contact information, financial information, and other personal information related to the studio's customers and prospective customers.
The FDD states that Body20 franchisees must comply with the System Standards, directions from the franchisor, and all Applicable Laws to safeguard the confidentiality and security of Customer Information on their Technology System or otherwise in their possession or control. Franchisees must employ reasonable means to protect this information.
Specifically, if a Body20 franchisee suspects or experiences a breach of security or unauthorized access involving Customer Information, they are required to notify Body20 immediately after becoming aware of the occurrence. This notification must specify the extent to which Customer Information was compromised or disclosed. The franchisee is responsible for any financial losses incurred or remedial actions required due to a security breach or unauthorized access to Customer Information in their control or possession.