What is Camp Margaritaville's expectation of franchisees regarding industry accepted practices related to data security?
Camp_Margaritaville Franchise · 2025 FDDAnswer from 2025 FDD Document
all relevant records, logs, files, reporting data, systems, Franchisee devices, and other materials as otherwise required by Franchisor. Franchisee shall obtain cyber security insurance in the amounts required by Franchisor and provide a Certificate of Insurance from the insurer to Franchisor, naming Franchisor as an additional insured of Franchisee.
Source: Item 23 — RECEIPTS (FDD pages 72–406)
What This Means (2025 FDD)
According to Camp Margaritaville's 2025 Franchise Disclosure Document, franchisees must follow industry-accepted practices for patching system vulnerabilities. This means keeping software and systems up-to-date with the latest security patches to protect against known exploits and threats.
Camp Margaritaville also requires franchisees to obtain cyber security insurance in amounts mandated by the franchisor, naming the franchisor as an additional insured. This protects both the franchisee and franchisor in the event of a data breach or security incident. Franchisees must also comply with all applicable consumer protection, data protection, privacy, and cybersecurity laws, including GDPR, CCPA, CDPA, CPA, UCPA, CPDPA, TCPA, CAN-SPAM Act, TSR, and the Junk Fax Prevention Act.
Furthermore, franchisees must inform Camp Margaritaville if they can no longer meet their obligations under Data Protection Laws and must take actions and execute documents necessary for compliance with these laws. They must also grant Camp Margaritaville the right to take steps to remediate any unauthorized use of Guest Profile Data and reimburse the franchisor for costs and damages related to non-compliance with Data Protection Laws. These measures ensure that Camp Margaritaville franchisees maintain a strong security posture and protect sensitive data, aligning with industry standards and legal requirements.