What is a 'Security Incident' according to the City Wide franchise agreement?

According to City Wide's 2025 Franchise Disclosure Document, a 'Security Incident' is defined within the context of the franchisee's obligations regarding customer data. Specifically, it refers to any actual or suspected event involving the accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to customer data. This definition is tied to violations of applicable privacy laws, the franchise agreement itself, or the operating manual provided by City Wide.

This definition places a clear responsibility on the City Wide franchisee to protect customer data and to be vigilant in identifying and responding to any potential breaches or incidents. The franchisee must assist and cooperate with City Wide in investigating any such security incident and take the steps deemed necessary by City Wide to rectify any non-compliance issues. This includes adhering to data confidentiality terms and providing data privacy and security training to employees who handle customer data or have access to system controls.

For a prospective City Wide franchisee, this means understanding and implementing robust data protection measures from the outset. It also means being prepared to work closely with City Wide in the event of a security incident, following their guidance to resolve the issue and prevent future occurrences. The franchisee should also be aware of the potential legal and financial repercussions of failing to adequately protect customer data, as they are required to indemnify City Wide from any liability arising from such failures.

This emphasis on data security is increasingly important in today's business environment, given the growing number of cyber threats and the increasing stringency of data privacy regulations. A City Wide franchisee must prioritize data protection to maintain customer trust, avoid legal penalties, and uphold the reputation of the City Wide brand.