What data related to PARPay Services is a Dq Treat Participating Location responsible for?
Dq_Treat Franchise · 2025 FDDAnswer from 2025 FDD Document
- 1. In connection with Participating Location's use of the PARPay Services, Participating Location will be responsible for the following:
- b. all Participating Location PARPay Data that is "Gift Credit/Debit Card Masked data";
- c. implementing, monitoring, and managing Participating Location's Store Network and Participating Location's Corporate Network, including all Payment Card Industry Data Security Standards (PCI-DSS) related controls and activities for these networks;
- d. not storing/recording "Gift/Credit/Debit Card Unmasked Data;"
- e. bearing all risk related to the loss or theft of, alteration or damage to, or fraudulent, improper or unauthorized use of any Gift/Credit/Debit Card, Gift/Credit/Debit Card Number or personal identification number in the case of Gift/Credit/Debit Cards by an employee, agent or sub-contractor of Participating Location;
- f. maintain Participating Location's own equipment, managed networks, and managed systems and systems interfaces to appropriate minimum standards;
- g. within ten (10) days of activation of the PARPay Services, access the PARPay Services using Participating Location's office computer with Participating Location's typical network configuration in order to review the PARPay Services; confirm that Participating Location PARPay Data was satisfactorily delivered via the internet, Participating Location's firewall, routing system and office network;
- h. abide by the security procedures specified by PAR and perform reasonable and customary security practices to preclude attempts to circumvent any security procedures or utilize any unauthorized systems in an attempt to access data other than Participating Location's own data;
- i. make all reasonable efforts to assist us in identifying, isolating and replicating issues found in the PARPay Services; and
- j. using the PARPay Services and the Device Software in a manner consistent with these PARPay Terms and with all applicable laws and regulations, including without limitation, copyright, trademark, and
Source: Item 17 — The following paragraph is added to the end of Item 17 of the Disclosure Document: (FDD pages 70–378)
What This Means (2025 FDD)
According to Dq Treat's 2025 Franchise Disclosure Document, a Participating Location using PARPay Services has several responsibilities related to data. These responsibilities primarily revolve around the security, management, and appropriate handling of payment card data. Dq Treat franchisees must manage their store and corporate networks, ensuring they comply with Payment Card Industry Data Security Standards (PCI-DSS). They are also responsible for the security of certain data.
A key restriction is that franchisees must not store or record "Gift/Credit/Debit Card Unmasked Data." This means they cannot keep records of the raw, unencrypted card numbers and related sensitive information. Franchisees bear the risk related to any data breaches, theft, or misuse of card information caused by their employees, agents, or subcontractors. This includes unauthorized use of Gift/Credit/Debit Cards, card numbers, or personal identification numbers.
Within ten days of activating PARPay Services, Dq Treat locations must access the services using their office computer and typical network configuration to ensure the Participating Location PARPay Data was satisfactorily delivered via the internet, Participating Location's firewall, routing system and office network. Franchisees must also maintain their own equipment, networks, and systems to meet minimum standards and adhere to security procedures specified by PAR, taking reasonable steps to prevent unauthorized access to data. They are expected to assist Dq Treat in identifying and resolving any issues with the PARPay Services and use the services and associated software in compliance with all applicable laws and regulations.