What must the Ella Cafe Franchisee do to protect the confidentiality and security of all software systems?
Ella_Cafe Franchise · 2024 FDDAnswer from 2024 FDD Document
s, a high moral and ethical standard in the operation of the Coffee House.
- (b) Accept debit cards, credit cards, stored value cards, or other non-cash payment systems and methods that Franchisor specifies periodically and participate in Franchisor's required payment procedures and collection of funds relating thereto. Further Franchisee will acquire and install all necessary hardware and/or software used in connection with these non-cash payment systems and pay the costs associated therewith. The parties acknowledge and agree that protection of customer privacy and credit card information is necessary to protect the goodwill of businesses operating under the Marks and System. Accordingly, Franchisee agrees that Franchisee will cause the Coffee House to meet or exceed, at all times, all applicable security standards developed by the Payment Card Industry Data Security Standards (PCI DSS) council or its successor and other regulations and industry standards applicable to the protection of customer privacy and credit card information, including but not limited to the Fair and Accurate Credit Transaction Act (FACTA), and all other data security requirements Franchisor prescribes. Franchisee is solely responsible for educating itself as to these regulations and standards and for achieving and maintaining applicable compliance certifications.
- (c) Notify Franchisor in writing within 72 hours of the commencement of any investigation, action, suit, or proceeding or the issuance of any order, writ, injunction, award, or decree of any court, agency, or other government instrumentality, which may adversely affect the operation or financial condition of the Coffee House.
- (d) Upon the occurrence of a Crisis Management Event, immediately inform Franchisor by telephone, or as set forth in this Agreement, of such event and to cooperate fully with Franchisor and with the appropriate authorities with respect to the investigation of the Crisis Management Event. In an effort to mitigate possible damages to the Marks and System, Franchisee must cooperate fully with Franchisor with respect to managing statements and other responses to the Crisis Management Event. "Crisis Management Event" means any event that occurs at or about the Coffee House premises or in connection with the operation of the Coffee House that has or may cause harm or injury to customers or employees, such as food contamination, food spoilage/poisoning, food tampering/sabotage, contagious diseases, natural disasters, terrorist acts, shootings or other acts of violence, data breaches, real or threatened, or any other circumstance which may materially and adversely affect the System or the goodwill symbolized by the Marks.
- (e) Process and handle all customer complaints connected with or relating to the Coffee House and promptly notify Franchisor of all: (a) food related illnesses; (b) safety or health violations; (c) claims exceeding $1,000; and (d) any other material claims against or losses suffered by the Coffee House.
Source: Item 22 — CONTRACTS (FDD page 50)
What This Means (2024 FDD)
According to Ella Cafe's 2024 Franchise Disclosure Document, franchisees must adhere to several requirements to protect the confidentiality and security of software systems and customer data. Ella Cafe franchisees must ensure that all computer systems comply with applicable laws, regulations, and industry standards related to privacy, data security, and the protection of confidential personal information. This includes compliance with the Payment Card Industry Data Security Standards (PCI DSS) and the Fair and Accurate Credit Transaction Act (FACTA). Franchisees are solely responsible for educating themselves about these regulations and maintaining compliance certifications.
Ella Cafe requires franchisees to acquire and install all necessary hardware and software for non-cash payment systems and to cover the associated costs. Protecting customer privacy and credit card information is crucial for maintaining the goodwill of the Ella Cafe brand. Franchisees must meet or exceed all security standards developed by the PCI DSS council and other applicable regulations.
Furthermore, franchisees must use proprietary software programs, system documentation manuals, and other proprietary materials required by Ella Cafe. They must also input and maintain the data and information prescribed by Ella Cafe in the POS system. Franchisees are responsible for the acquisition, operation, maintenance, updates, and upgrades of their computer systems, including ensuring they meet Ella Cafe's standards and properly interface with Ella Cafe's and third-party systems. Failure to properly operate, maintain, and upgrade the computer system can lead to virus and spyware issues, for which the franchisee is fully responsible.