What happens if the Bumper Man franchisee does not comply with the PCI DSS?
Bumper Man Franchise · 2025 FDD
Answer from 2025 FDD Document
processing such payment. Franchisee must comply with the PCI DSS as they may be revised and modified by the Payment Card Industry Security Standards Council, or any successor or replacement organization and/or in accordance with other standards Franchisor may specify, and FACTA. Franchisee also must upgrade periodically its Technology System, at Franchisee's expense, to maintain compliance with PCI DSS, FACTA and all Applicable Law. Franchisee must notify Franchisor immediately if it is notified of a credit card breach (as such constitutes a Crisis Management Event) related to the Bumper Business and Franchisee's business related thereto and must cooperate with applicable authorities fully with respect to the investigation. Further, Franchisee must cooperate with Franchisor fully with respect to media statements (if any) and other items related to managing the Crisis Management Event for the purpose of protecting the Marks and System.
Source: Item 23 — RECEIPTS (FDD pages 45–180)
What This Means (2025 FDD)
According to the 2025 Bumper Man Franchise Disclosure Document, franchisees must comply with the PCI DSS (Payment Card Industry Data Security Standard) as it may be revised. Franchisees must also upgrade their Technology System periodically, at their own expense, to maintain compliance with PCI DSS, FACTA, and all Applicable Law.
If a franchisee is notified of a credit card breach related to their Bumper Business, they must immediately notify Bumper Man. The franchisee is obligated to cooperate fully with applicable authorities during any investigation. Additionally, the franchisee must cooperate fully with Bumper Man regarding any media statements or other items related to managing the crisis, with the aim of protecting the Bumper Man Marks and System.
Failure to comply with these standards could lead to a breach of the franchise agreement and potential termination. It is important for prospective franchisees to understand the costs associated with maintaining PCI DSS compliance, including the periodic upgrades to the Technology System. Franchisees should also be prepared to respond quickly and cooperatively in the event of a data breach to mitigate damage to the brand and the franchise system.