What proof of PCI-DSS compliance is a Churchs Chicken franchisee required to provide annually to Cajun?

According to Churchs Chicken's 2025 Franchise Disclosure Document, franchisees must ensure their credit card, debit card, and similar systems comply with Payment Card Industry Data Security Standards (PCI-DSS). To demonstrate this compliance, Churchs Chicken franchisees must provide Cajun, the franchisor, with annual proof. This proof can be in the form of SAQ (Self-Assessment Questionnaire) and QSA (Qualified Security Assessor) certification or through a third-party validation.

This requirement ensures that all Churchs Chicken locations maintain a secure environment for handling customers' payment information, reducing the risk of data breaches and fraud. By mandating annual proof of compliance, Churchs Chicken aims to protect both its customers and the brand's reputation. Franchisees must also procure a P2Pe encrypted payment terminal for processing credit and debit card transactions, adding an extra layer of security.

For a prospective Churchs Chicken franchisee, this means allocating resources for PCI-DSS compliance and undergoing the necessary assessments and certifications. The cost of compliance can vary depending on the complexity of the payment systems and the chosen method of validation. It is essential for franchisees to budget for these ongoing expenses and to stay updated on the latest security standards and requirements to maintain compliance and safeguard customer data.