Does Checkersrallys require franchisees to obtain approval before using customer data?
Checkersrallys Franchise · 2025 FDDAnswer from 2025 FDD Document
You shall promptly notify us if you become aware of any unauthorized access to the Customer Data, or if you become the subject of any governmental, regulatory, or other enforcement or private proceeding relating to your data handling practices of Customer Data.
- 9.10 Credit Cards. You agree to use the system and equipment we require for processing credit cards and any costs to do so are at your expense.
You agree to abide by (i) the Payment Card Industry ("PCI") Data Security Standards enacted by the applicable Card Associations (as they may be modified at any time and from time to time or as successor standards are adopted); and (ii) all other security standards and guidelines that may be published at any time and from time to time by payment card companies and applicable to customer credit card and debit card information.
If you know or suspect a security breach, you must immediately notify us.
You will promptly identify and remediate the source of the compromise.
You assume all responsibility for providing all notices of breach or compromise and all duties to monitor credit histories and transaction concerning customers of your Franchised Restaurant.
Source: Item 22 — CONTRACTS (FDD pages 91–92)
What This Means (2025 FDD)
The 2025 Checkersrallys Franchise Disclosure Document outlines several requirements related to customer data but does not explicitly state that franchisees must obtain approval before using customer data. It does state that franchisees must use the credit card processing systems and equipment that Checkersrallys requires. Franchisees are obligated to adhere to Payment Card Industry (PCI) Data Security Standards and other security guidelines for customer credit and debit card information.
The FDD emphasizes the franchisee's responsibility to protect customer data. Franchisees must promptly notify Checkersrallys of any unauthorized access to customer data or any proceedings related to their data handling practices. In the event of a security breach, franchisees are required to identify and fix the source of the compromise and assume responsibility for providing breach notices and monitoring credit histories.
Checkersrallys retains the right to collect and use data, but it will not provide financial data to third parties outside its system in a form that readily identifies the specific franchise, unless legally required. Franchisees must also get Checkersrallys' consent to promote or sell products or services related to the restaurant through the internet. While the FDD doesn't require explicit approval for all uses of customer data, the detailed regulations suggest franchisees should maintain caution and transparency in their data practices.