What data and information from a Hardees franchise's computers can HR retrieve, and under what conditions?
Hardees Franchise · 2025 FDDAnswer from 2025 FDD Document
ary materials at then-current prices whenever adopted system-wide by HR; (5) comply with Point to Point Credit Encryption Standards ("P2PE") and the
Payment Card Industry Data Security Standard ("PCI DSS") at all times, and if necessary to maintain such compliance, upgrade its technology, at Franchisee's expense; and (6) engage any vendor that HR designates to ensure the security of Franchisee's data and compliance with P2PE and PCI DSS. Franchisee must maintain continuous compliance and attest annually by providing a completed and signed PCI Attestation of Compliance (AOC) to HR.
Franchisee acknowledges that computer systems are designed to accommodate a finite amount of data and terminals, and that, as these limits are reached, or as technology or software is developed in the future, HR may, in its sole discretion, mandate that Franchisee: (A) add memory, ports and other accessories or peripheral equipment or additional, new or substitute software to the original computer system purchased by Franchisee; and (B) replace or upgrade the entire computer system with a larger system capable of assuming and discharging the computer-related tasks and functions specified by HR. Franchisee also acknowledges that computer designs and functions change periodically and that HR may desire to make substantial modifications to its computer specifications or to require installation of entirely different systems during the term of this Agreement or upon renewal of this Agreement.
To ensure full operational efficiency and communication capability between HR's computers and those of all Hardee's Restaurants, Franchisee agrees, at its expense, to keep its computer system in good maintenance and repair and to make additions, changes, modifications, substitutions and replacements to its computer hardware, software, telephone and power lines and other computer-related facilities as directed by HR, and on the dates and within the times specified by HR in its sole discretion. Upon termination or expiration of this Agreement, all computer software, disks, tapes and other magnetic storage media shall be returned to HR in good operating condition, excepting normal wear and tear.
Franchisee agrees to utilize administrative, physical, and technical safeguards designed to protect systems and data from unauthorized access, disclosure, acquisition, destruction, use, or modification that are consistent with industry standards and best practices.
Source: Item 22 — Contracts (FDD page 85)
What This Means (2025 FDD)
According to Hardees' 2025 Franchise Disclosure Document, Hardees (referred to as HR in the document) has extensive rights regarding the data and information stored on a franchisee's computer systems. Hardees can prescribe the data and information that franchisees must input and maintain in their computer systems, as detailed in the Operations Procedures Manual (OPM), software programs, documentation, or otherwise. This includes the right to direct franchisees to make changes, modifications, substitutions, and replacements to their computer hardware, software, telephone and power lines, and other computer-related facilities.
Hardees also mandates that franchisees use specific proprietary software programs and system documentation manuals. Franchisees are obligated to purchase new or upgraded software programs and system documentation manuals whenever Hardees adopts them system-wide. Furthermore, Hardees can require franchisees to upgrade their technology to maintain compliance with Point to Point Credit Encryption Standards (P2PE) and the Payment Card Industry Data Security Standard (PCI DSS), potentially incurring additional expenses for the franchisee. Franchisees must also engage vendors designated by Hardees to ensure data security and compliance with P2PE and PCI DSS, attesting annually to their compliance by providing a completed and signed PCI Attestation of Compliance (AOC) to Hardees.
Upon termination or expiration of the franchise agreement, all computer software, disks, tapes, and other magnetic storage media must be returned to Hardees in good operating condition, with allowances for normal wear and tear. This ensures that Hardees retains control over its proprietary information and systems. Franchisees are also responsible for implementing administrative, physical, and technical safeguards to protect systems and data from unauthorized access, disclosure, acquisition, destruction, use, or modification, consistent with industry standards and best practices. In the event of a suspected or actual data breach, franchisees must notify Hardees within 24 hours and provide timely updates and information as requested, complying with industry standards for breach reporting and taking corrective action to remedy the breach and prevent recurrence.