What constitutes 'industry-standard firewall technology' that Acumera employs for Dq Treat?
Dq_Treat Franchise · 2025 FDDAnswer from 2025 FDD Document
at Participating Location's Location(s) is and remains Acumera's property. By its possession and use, Participating Location acquires no rights or interests of any kind in the intellectual property and hereby expressly covenants that it will not disclose anything about Acumera's intellectual property or allow any physical access to Acumera's intellectual property. If Participating Location is subject to a claim or demand that the Services infringe a third party's property rights, Acumera will: (1) procure for Participating Location the right to continue to use the Services, replace the Services , or modify the Services to avoid infringement; and (2) indemnify Participating Location against damages and costs
(including reasonable attorney's fees and legal expenses) incurred in connection with the alleged infringement. This document was downloaded from franchimp.com. All the information on this website is published in good faith and for general information purpose only. FranChimp.com does not make any warranties about the completeness, reliability, and accuracy of this information. Any action you take upon the information you find on this website (FranChimp.com), is strictly at your own risk. We will not be liable for any losses and/or damages in connection with the use of our website.
- 17. Responsibility for PCI-DSS Compliance and Network Security. Acumera supplies and manages the firewall and the configuration of that firewall required to provision its services. Acumera establishes firewall configuration and policy based on PCI-DSS recommendations, generally accepted industry best practices and in consultation with Dairy Queen. Participating Location acknowledges that:
- 17.1. Once Dairy Queen and Acumera have established security configurations and policies for the Dairy Queen system, Acumera will not honor Participating Location requests to configure Equipment in ways that are contrary to those established configurations and policies unless and until Acumera receives a Configuration Exception from Dairy Queen.
- 17.2. "Configuration Exception" shall mean a written exception to a configuration policy from Dairy Queen, describing the Participating Location and the requested exception in sufficient detail to allow Acumera to fulfill the request.
- 17.3. Dairy Queen has agreed to respond to the request for a Configuration Exception within 2 business days.
- 17.4. Participating Locations may request information on Dairy Queen's established security configurations and policies from Dairy Queen.
Source: Item 17 — The following paragraph is added to the end of Item 17 of the Disclosure Document: (FDD pages 70–378)
What This Means (2025 FDD)
According to Dq Treat's 2025 Franchise Disclosure Document, Acumera establishes firewall configurations and policies based on PCI-DSS recommendations, generally accepted industry best practices, and in consultation with Dairy Queen. This means that the firewall technology used is aligned with established security standards for protecting cardholder data and other sensitive information. For a Dq Treat franchisee, this implies that the security measures implemented are designed to meet recognized benchmarks and are regularly updated to address emerging threats.
Acumera will not honor any requests from the franchisee to configure the equipment in ways that go against the established security configurations unless Acumera receives a Configuration Exception from Dairy Queen. A Configuration Exception is a written exception to a configuration policy from Dairy Queen, which describes the Participating Location and the requested exception in sufficient detail to allow Acumera to fulfill the request. Dairy Queen has agreed to respond to the request for a Configuration Exception within 2 business days. Franchisees can request information on Dairy Queen's established security configurations and policies from Dairy Queen.
Acumera also recommends segmentation of the card data environment (CDE) to isolate it away from all other segments containing non-CDE network traffic, in accordance with PCI-DSS standards. Acumera will not entertain requests from Participating Locations to allow non-CDE network traffic within the CDE, unless and until the Participating Location receives a Configuration Exception from Dairy Queen and provides it to Acumera. Acumera does not recommend opening firewall ports to allow traffic or access for non-business related needs, including, by example, the use of insecure remote access tools, and Acumera will not carry out any request by a Participating Location to do so, unless and until Participating Location receives a Configuration Exception from Dairy Queen and provides it to Acumera.
However, Acumera has exclusions regarding liability to Participating Locations for any data breach that occurs in a manner that industry-standard firewall technology employed at the time of the breach is not able to prevent. It is important for a prospective franchisee to understand the scope and limitations of the firewall technology provided, and to ensure that their own practices align with the recommended security measures to minimize potential risks.