What data security standard must a Brueggers Bagels licensee comply with?
Brueggers Bagels Franchise · 2025 FDD
Answer from 2025 FDD Document
You must comply with the then current Payment Card Industry Data Security Standards (PCI/DSS) as those standards may be revised by the PCI Security Standards Council, LLC (see www.pcisecuritystandards.org) or successor organization. Among other things, you agree to implement the security requirements that the PCI Security Standards Council (or its successor) requires of a merchant that accepts payment by credit and/or debit cards. You must implement and maintain an approved Payment Card Industry (PCI) compliance program for the Bakery. We may suggest third party PCI compliance vendors from time to time, but you are free to submit alternative PCI compliance vendors for our approval or seek approval to perform your own PCI compliance. You must submit PCI compliance reports to us in the manner and frequency that we request, which may include having an independent third party conduct a PCI/DSS audit. Your failure to comply with section will be a material default under this Agreement.
Source: Item 22 — CONTRACTS (FDD page 61)
What This Means (2025 FDD)
According to Brueggers Bagels' 2025 Franchise Disclosure Document, a licensee must comply with the Payment Card Industry Data Security Standard (PCI DSS). This standard is mandated for merchants who accept payment via credit or debit cards. The licensee is responsible for implementing and maintaining a PCI compliance program for their Brueggers Bagels bakery.
Brueggers Bagels may suggest third-party PCI compliance vendors, but the franchisee has the option to propose alternative vendors for approval or seek permission to handle their own PCI compliance. Franchisees must also submit PCI compliance reports to Brueggers Bagels in the manner and frequency requested, potentially including audits conducted by an independent third party.
Failure to comply with these data security standards constitutes a material breach of the License Agreement. This means that maintaining PCI DSS compliance is not just a recommendation, but a strict requirement for operating a Brueggers Bagels franchise. Franchisees should budget for the costs of compliance, including potential vendor fees and audit expenses, and ensure they have the technical expertise to meet these standards.