How quickly must a Crowne Plaza licensee comply with a Security Practices Update issued by IHG?

According to Crowne Plaza's 2025 Franchise Disclosure Document, a licensee must comply with any Security Practices Update within thirty (30) days following the date of the Security Practices Update. These updates are provided in writing by IHG and may be amended at any time without prior notice, at IHG's sole discretion. These updates may include additional terms and conditions, including additional obligations for the licensee.

In addition to the 30-day compliance period for Security Practices Updates, Crowne Plaza licensees must also comply with any changes to applicable laws, contractual obligations, and industry requirements, such as PCI DSS, within the time period provided by such law or industry requirement. This means that if a new law or industry standard requires immediate compliance, the licensee must adhere to that timeline, which may be shorter than the 30-day period allowed for Security Practices Updates.

This requirement ensures that all Crowne Plaza hotels maintain adequate security and data protection practices, aligning with IHG's standards and legal requirements. It is the licensee's responsibility to stay informed about these updates and changes and to implement them promptly to avoid any potential security breaches or non-compliance issues. Franchisees should factor in the potential costs and operational adjustments needed to meet these security requirements when evaluating the franchise opportunity.