What commercially reasonable procedures does Crisp & Green prescribe to prevent unauthorized use or disclosure of Confidential Information?
Crisp_Green Franchise · 2024 FDDAnswer from 2024 FDD Document
ion. We may require you to participate in social media initiatives directed by us. If we provide you with a username/handle and password, you may not alter such username/handle and password without our prior approval.
9.09 Customer Data. All information, mailing lists and databases of Customer Data from whatever source derived, is and shall be our property. You agree not to use such information, except in connection with your Franchised Restaurant in accordance with this Agreement. You agree not to use, process, copy, display, publish, store or transfer the Customer Data without our approval. You agree to comply with all applicable laws with respect to Customer Data; in addition, you agree to comply with our data privacy and security requirements and to exert commercially reasonable efforts to prevent the unauthorized use, dissemination, or publication of Customer Data, subject in all instances to applicable laws. If you know or suspect any unauthorized access to Customer Data (a "data breach"), you must immediately notify us and promptly identify and remediate the source of the compromise at your sole cost and expense. You must also promptly notify us if you become the subject of any governmental, regulatory, or other enforcement or private proceeding relating to your handling of Customer Data. We will be responsible for providing any credit monitoring or other services to customers in connection with a data breach. We will charge you, and you agree to pay, all of our costs and expenses associated with our activities in responding to such data breach, including communications and notices to customers, the provision of credit monitoring or similar services (if applicable), and professional fees paid by us (including legal fees) in connection with such data breach. You agree to promptly take, at your sole cost and expense, any and all remedial measures relating to data security recommended by us in response to such data breach.
9.10 Credit Cards. You agree to honor and accept at your Franchised Restaurant all credit, debit, and similar cards and devices approved or required by us, and to not honor or accept any credit, debit, or similar cards or devices not approved by us in writing. You
agree to use the system and equipment we require for processing credit cards and any costs to do so are at your expense. You agree to abide by (i) the Payment Card Industry ("PCI") Data Security Standards enacted by the applicable payment card association (as they may be modified at any time and from time to time or as successor standards are adopted); and (ii) all other security standards and guidelines that may be published at any time and from time to time by payment card companies and applicable to customer credit card and debit card information.
9.11 Pricing.
Source: Item 23 — RECEIPTS (FDD pages 66–252)
What This Means (2024 FDD)
According to the 2024 Crisp & Green Franchise Disclosure Document, franchisees must exert commercially reasonable efforts to prevent the unauthorized use, dissemination, or publication of Customer Data, subject to applicable laws. If a data breach occurs, the franchisee must immediately notify Crisp & Green and promptly identify and remediate the source of the compromise at their sole cost and expense. Franchisees must also promptly notify Crisp & Green if they become the subject of any governmental, regulatory, or other enforcement or private proceeding relating to their handling of Customer Data.
Crisp & Green will handle providing credit monitoring or other services to customers affected by a data breach. However, the franchisee is responsible for paying all costs and expenses associated with Crisp & Green's activities in responding to the breach. These costs include communications and notices to customers, the provision of credit monitoring or similar services, and professional fees, including legal fees. Franchisees must also take any remedial measures relating to data security recommended by Crisp & Green in response to the data breach at their own expense.
In addition to protecting Customer Data, prospective franchisees also agree to protect Crisp & Green's Confidential Information as outlined in the Letter of Intent. Franchisees acknowledge that they may have access to confidential information related to Crisp & Green's products, sales, or business, which constitutes a valuable asset. Franchisees agree not to use this Confidential Information for any purpose other than developing Crisp & Green restaurants and not to disclose it to any person without Crisp & Green's prior written consent.