What is the impact on Acumera's liability if the Acumera-provided firewall has been circumvented at a Dq Treat location?

According to Dq Treat's 2025 Franchise Disclosure Document, Acumera bears no liability to a participating Dq Treat location if a data breach occurs during any period in which the Acumera-provided or Acumera-approved firewall or SD-WAN device has been circumvented. This means that if a franchisee bypasses or disables the security measures put in place by Acumera, Acumera is not responsible for any resulting data breach. This lack of liability extends to various scenarios, including when the firewall is disconnected or has yet to be initially connected.

This exclusion of liability also applies if the data breach is due to a failure to implement a security measure as recommended by PCI-DSS Standards, or in any environment where POS system data traffic is not configured to be on an isolated network segment through the Acumera firewall. Similarly, if the franchisee requests access to any system or service not directly related to processing POS transactions, Acumera is not liable, unless the Participating Location received a Configuration Exception from Dairy Queen. Furthermore, Acumera is not liable if Dairy Queen mandates a configuration, policy, or procedure that Acumera recommends against, provided Dairy Queen has been notified of the recommendation.

Additionally, Acumera is not liable if the breach occurs through any firewall in use that has not passed its most recent Approved Scanning Vendor's scan, unless the issue has already been remediated, or if the breach occurs in a manner that industry-standard firewall technology employed at the time of the breach is not able to prevent. This comprehensive exclusion of liability highlights the importance of maintaining the integrity and proper configuration of the Acumera-provided firewall and adhering to recommended security measures to protect against data breaches at Dq Treat locations.