What is the Floyds 99 franchisee required to do to prevent unauthorized access to the Program?
Floyds_99 Franchise · 2025 FDDAnswer from 2025 FDD Document
The Franchisee shall keep the Program and any data generated by the use of the Program confidential during and after the term hereof, and shall establish and maintain such security precautions as are prescribed by the Franchisor from time to time to maintain the secrecy of the Program and any data generated by the use of the Program, and to prevent the unauthorized access to or use, disclosure or copying of the Program or any data generated by the use of the Program.
The Franchisee shall cause each of its employees who has access to the Program to execute a written confidentiality agreement in a form prescribed or approved in writing by the Franchisor.
The Franchisee must purchase, install and implement computer data security hardware and software, firewall protection, and security breach insurance through the Franchisor's designated or approved supplier.
Franchisee agrees to comply with Franchisor's standards and specifications which include, without limitation, using Franchisor's designated credit card processing service (which operates through the POS System) and taking security measures that comply with PCI Security Standards.
Franchisee is solely responsible for protecting Customer Data from cyberattacks or unauthorized access, and Franchisee waives any claim it may have against Franchisor as the direct or indirect result of such attacks or unauthorized access.
Franchisee must comply with all applicable federal, state, and local laws and regulations concerning the storage, handling, use and protection of Customer Data.
In addition, Franchisee must comply with any data protection and breach response policies Franchisor periodically may establish and must not use or disclose Customer Data in a manner that would cause Franchisor to be in violation of Franchisor's published privacy policy.
Franchisee must notify Franchisor immediately of any actual or suspected data breach or cyber-attack at or in connection with the FLOYD'S 99 Shop and/or Customer Data.
Source: Item 22 — CONTRACTS (FDD pages 57–58)
What This Means (2025 FDD)
According to the 2025 Floyds 99 FDD, franchisees must adhere to specific security measures to protect the Program and data. These measures include maintaining security precautions as prescribed by Floyds 99 to keep the Program secret and prevent unauthorized access, use, disclosure, or copying of the Program or any data generated by it. Additionally, franchisees must ensure that all employees with access to the Program sign a written confidentiality agreement in a form prescribed or approved by Floyds 99.
To further safeguard data and systems, Floyds 99 franchisees are required to purchase, install, and implement computer data security hardware and software, firewall protection, and security breach insurance through Floyds 99's designated or approved supplier. They must also comply with Floyds 99's standards and specifications, including using Floyds 99's designated credit card processing service and adhering to PCI Security Standards.
Moreover, franchisees are responsible for protecting customer data from cyberattacks or unauthorized access and must comply with all applicable federal, state, and local laws and regulations concerning the storage, handling, use, and protection of Customer Data. They must also adhere to any data protection and breach response policies established by Floyds 99 and must not use or disclose Customer Data in a manner that violates Floyds 99's published privacy policy. Franchisees are obligated to immediately notify Floyds 99 of any actual or suspected data breach or cyber-attack related to the Floyds 99 Shop or Customer Data.
These requirements highlight the importance Floyds 99 places on data security and the protection of its proprietary information and customer data. Franchisees must invest in the necessary security measures and training to comply with these requirements and mitigate the risk of unauthorized access or data breaches. Failure to comply with these security measures could result in penalties or termination of the franchise agreement.