What is the Christian Brothers Automotive franchisee's obligation regarding the confidentiality of Customer Information?
Christian_Brothers_Automotive Franchise · 2025 FDDAnswer from 2025 FDD Document
imately purchases any goods or Services from Franchisee. "Customer Information"
Franchise Agreement (Ver 04-14-2025)
Franchisee: ___________
Franchisor: Christian Brothers Automotive Corporation
means any information that Franchisee collects or is required by the Franchisor to collect from and/or maintain about a Customer in connection with the operation of the Franchised Business, including, without limitation, information collected from the point-of-sale systems installed at the Franchised Business. With respect to the privacy of Customer Information, Franchisee will: (i) comply with all applicable privacy laws ("Privacy Laws"); (ii) comply with all mandatory policies in the Confidential Operations Manual that relate to Privacy Laws and the privacy and security of Customer Information; (iii) comply with any posted privacy policy and/or other representations made to Customers, and communicate any limitations required thereby to any authorized receiving party in compliance with all Privacy Laws; (iv) refrain from any action or inaction that could cause Franchisor to breach any Privacy Laws; (v) maintain reasonable physical, technical and administrative safeguards for Customer Information that is in Franchisee's possession or control in order to protect the same from unauthorized processing, destruction, modification, or use that would violate this Agreement or any Privacy Laws; and (vi) undertake any action(s) Franchisor deems necessary to keep Franchisor in compliance with the Privacy Laws. Franchisee will, upon Franchisor's request, provide Franchisor or Franchisor's representatives with access to Franchisee's systems, records, processes and practices that involve processing of Customer Information in order to mitigate a security incident or so that an audit may be conducted. Without limitation to any of the other indemnity obligations in this Agreement, Franchisee will indemnify, defend and hold Franchisor harmless from losses arising out of or relating to: (a) any theft, loss or misuse of Customer Information; and (b) Franchisee's breach of any of the terms, conditions or
Franchise Agreement (Ver 04-14-2025)
Franchisee: ___________
Franchisor: Christian Brothers Automotive Corporation
Property: ____________ 50
obligations relating to data security, privacy, or Customer Information set forth in this
Agreement. Franchisee will immediately notify Franchisor upon discovering or otherwise
learning of any theft, loss or misuse of Customer Information. Franchisee will, at
Franchisor's direction, (x) undertake remediation efforts at Franchisee's sole expense, (y)
undertake efforts to prevent the recurrence of the same type of incident, and (z) reasonably
cooperate with any remediation efforts undertaken by Franchisor. Franchisee will not make
any public comment regarding any data security incident without Franchisor's approval.
Any notifications to the media or to Customers regarding theft or loss of Customer
Information will be handled exclusively by Franchisor at Franchisor's discretion, and
Franchisee may not contact Customers relating to such theft or loss unless Franchisee is
under a legal obligation to notify Customers, in which event (1) Franchisee must notify
Franchisor in writing promptly after concluding that Franchisee has the legal obligation to
notify Customers and (2) Franchisee will limit the notices to Customers to those required
by law or as pre-approved by Franchisor.
Source: Item 23 — RECEIPTS (FDD pages 76–372)
What This Means (2025 FDD)
According to Christian Brothers Automotive's 2025 Franchise Disclosure Document, franchisees have several obligations regarding customer information. "Customer Information" is defined as any information collected from or maintained about a customer in connection with the operation of the franchised business, including data from point-of-sale systems.
Specifically, Christian Brothers Automotive franchisees must (i) comply with all applicable privacy laws, (ii) adhere to all mandatory policies in the Confidential Operations Manual related to privacy laws and the security of Customer Information, (iii) comply with any posted privacy policy and/or other representations made to Customers, (iv) avoid any action that could cause Christian Brothers Automotive to breach any Privacy Laws, (v) maintain reasonable safeguards for Customer Information in their possession to protect it from unauthorized processing, destruction, modification, or use that would violate the Franchise Agreement or any Privacy Laws, and (vi) undertake any actions Christian Brothers Automotive deems necessary to keep them in compliance with Privacy Laws.
Christian Brothers Automotive franchisees must also provide Christian Brothers Automotive or its representatives with access to their systems, records, processes, and practices involving Customer Information to mitigate security incidents or conduct audits. Franchisees are obligated to indemnify, defend, and hold Christian Brothers Automotive harmless from losses arising out of any theft, loss, or misuse of Customer Information, as well as any breach of the terms and conditions related to data security, privacy, or Customer Information outlined in the Franchise Agreement. Franchisees must immediately notify Christian Brothers Automotive upon discovering any theft, loss, or misuse of Customer Information and undertake remediation efforts at their own expense, as directed by Christian Brothers Automotive.
Furthermore, franchisees are prohibited from making any public comments regarding data security incidents without Christian Brothers Automotive's approval. Any notifications to the media or customers regarding theft or loss of Customer Information will be handled exclusively by Christian Brothers Automotive, unless the franchisee is under a legal obligation to notify customers, in which case they must notify Christian Brothers Automotive promptly and limit notices to those legally required or pre-approved by Christian Brothers Automotive. Franchisees must reasonably cooperate with any notices to customers regarding theft or loss of Customer Information and assist with sending such notices if requested.