For Even Hotels franchisees, who is responsible for maintaining the security of their own login information?

According to the 2025 Even Hotels Franchise Disclosure Document, the hotel, meaning the franchisee, is responsible for ensuring that all designated users comply with industry best practices for maintaining the security of their login information. This includes implementing secure passwords, regularly changing passwords, and protecting the security and privacy of their user logins and the PMS Data.

This means that Even Hotels franchisees must take proactive steps to train their employees (designated users) on password security and data protection. They need to enforce policies that ensure strong passwords are used and changed regularly. This is a standard practice in the franchise industry, especially in hospitality, where data security is critical due to the handling of guest information.

The franchisee is also responsible for any claims or losses resulting from unauthorized third-party access to the PMS Solution or PMS Data if it arises from a breach of these security obligations. This underscores the importance of franchisees taking their data security responsibilities seriously, as failures can lead to financial and legal repercussions.

Furthermore, the Even Hotels franchisee must comply with any additional security requirements provided by HotelKey or IHG in writing, which may be updated periodically. This means franchisees need to stay informed about the latest security protocols and implement them promptly to maintain compliance and protect sensitive data.