What California law regarding consumer privacy must City Wide franchisees comply with?
City_Wide Franchise · 2025 FDDAnswer from 2025 FDD Document
a medical doctor) reasonably determines that Franchisee is incapacitated or incapable of running the Franchised Business, and to receive a reasonable fee for such services.
- 7.33 Tax Documentation. Franchisee shall submit copies of all tax returns, tax filing documents, tax withholding documents, proofs of insurance, certificates of good standing, and other documentation as required and set forth in the Operating Manual, and as from time to time modified therein.
- 7.34 Privacy Laws. In the operation of the CITY WIDE Franchised Business, Franchisee will receive "Customer Data." "Customer Data" is information, records, lists or data that may contain "Personal Information." "Personal Information" includes information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, potential consumer, individual or household, as such term may be further defined or amended by applicable federal, state and local statutes, regulations, ordinances and requirements, including, but not limited to, the California Consumer Privacy Act. Personal Information is collected, maintained, or generated in the operation of the CITY WIDE Franchised Business, including through the use of a point of sale system.
Franchisee agrees, at its sole cost and expense, to always:
7.34.1 comply with the data protection, collection, maintenance and use requirements for Customer Data set out in the Operating Manual and this Franchise Agreement, including all policies, procedures and controls that Franchisor implements now or in the future.
- 7.34.2 comply with all applicable federal, state and local statutes, regulations, ordinances and requirements, including but not limited to, the California Consumer Privacy Act, relating to the data protection, collection, maintenance and use of Customer Data (collectively, "Privacy Laws");
- 7.34.3 assist and otherwise cooperate with Franchisor to ensure Franchisor's and Franchisee's compliance with applicable Privacy Laws.
- 7.34.4 promptly notify Franchisor in writing of any Security Incident (defined below) that Franchisee becomes aware of or discovers. Franchisee will assist and otherwise cooperate with Franchisor to investigate any such Security Incident and will take all required steps, as determined by Franchisor, to remedy Franchisee's noncompliance with applicable Privacy Laws, this Agreement, or the Operating Manual. For purposes of this Section 7.34.4, "Security Incident" means any actual or suspected accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Data in violation of applicable Privacy Laws, this Agreement or the Operating Manual.
- 7.34.5 promptly provide Franchisor with the ability to delete, access or copy Customer Data in Franchisee's possession or control.
- 7.34.6 promptly notify Franchisor of any request regarding Customer Data received by Franchisee from a "consumer" as defined by applicable Privacy Laws.
- 7.34.7 adopt policies, procedures, and controls, including those set out in the Operating Manual, if any, that enable Franchisee to respond, and to cause its agents and employees to respond, promptly to any rights request made pursuant to applicable Privacy Laws, including any disclosure request, deletion request, or opt-out request.
- 7.34.8 adopt policies, procedures, and controls, including those set out in the Operating Manual, if any, that limit access to Customer Data to only those employees that have a need-to-know basis based on specific job function or role. Franchisee will provide data privacy and security training to employees who have access to Customer Data or who operate or have access to system controls and will require employees to adhere to data confidentiality terms providing for the protection of Customer Data in accordance with this Agreement and the Operating Manual; and
- 7.34.9 maintain Customer Data in confidence in accordance with Section 9 of this Franchise Agreement.
- 7.35 Compliance; Indemnification.
Source: Item 22 — CONTRACTS (FDD page 65)
What This Means (2025 FDD)
According to City Wide's 2025 Franchise Disclosure Document, franchisees must comply with the California Consumer Privacy Act (CCPA). This law applies to the data protection, collection, maintenance, and use of customer data, which includes personal information. Personal information is defined as data that identifies, relates to, describes, or could reasonably be linked, directly or indirectly, with a particular consumer, potential consumer, individual, or household.
City Wide franchisees are obligated to adhere to data protection requirements outlined in the Operating Manual and the Franchise Agreement. This includes following all policies, procedures, and controls implemented by City Wide, both now and in the future. Franchisees must also assist and cooperate with City Wide to ensure compliance with all applicable Privacy Laws. This cooperation extends to promptly notifying City Wide of any security incidents and assisting in investigations to remedy any noncompliance.
Furthermore, City Wide franchisees must provide the franchisor with the ability to delete, access, or copy customer data in their possession and notify City Wide of any consumer requests regarding customer data. They are also required to adopt policies, procedures, and controls that enable them and their employees to respond promptly to rights requests made under applicable Privacy Laws, such as disclosure, deletion, or opt-out requests. Access to customer data should be limited to employees with a need-to-know based on their job function.
To ensure compliance, City Wide franchisees must provide data privacy and security training to employees who access customer data or system controls. These employees must adhere to data confidentiality terms that protect customer data, as outlined in the Franchise Agreement and Operating Manual. Franchisees are also required to maintain customer data in confidence. These measures are designed to protect consumer privacy and ensure that City Wide franchisees operate within the bounds of the California Consumer Privacy Act.