Does a Hardees franchisee have to ensure that the restaurant has the required technology to operate the loyalty program?
Hardees Franchise · 2025 FDDAnswer from 2025 FDD Document
ary materials at then-current prices whenever adopted system-wide by HR; (5) comply with Point to Point Credit Encryption Standards ("P2PE") and the
Payment Card Industry Data Security Standard ("PCI DSS") at all times, and if necessary to maintain such compliance, upgrade its technology, at Franchisee's expense; and (6) engage any vendor that HR designates to ensure the security of Franchisee's data and compliance with P2PE and PCI DSS. Franchisee must maintain continuous compliance and attest annually by providing a completed and signed PCI Attestation of Compliance (AOC) to HR.
Franchisee acknowledges that computer systems are designed to accommodate a finite amount of data and terminals, and that, as these limits are reached, or as technology or software is developed in the future, HR may, in its sole discretion, mandate that Franchisee: (A) add memory, ports and other accessories or peripheral equipment or additional, new or substitute software to the original computer system purchased by Franchisee; and (B) replace or upgrade the entire computer system with a larger system capable of assuming and discharging the computer-related tasks and functions specified by HR. Franchisee also acknowledges that computer designs and functions change periodically and that HR may desire to make substantial modifications to its computer specifications or to require installation of entirely different systems during the term of this Agreement or upon renewal of this Agreement.
To ensure full operational efficiency and communication capability between HR's computers and those of all Hardee's Restaurants, Franchisee agrees, at its expense, to keep its computer system in good maintenance and repair and to make additions, changes, modifications, substitutions and replacements to its computer hardware, software, telephone and power lines and other computer-related facilities as directed by HR, and on the dates and within the times specified by HR in its sole discretion. Upon termination or expiration of this Agreement, all computer software, disks, tapes and other magnetic storage media shall be returned to HR in good operating condition, excepting normal wear and tear.
Franchisee agrees to utilize administrative, physical, and technical safeguards designed to protect systems and data from unauthorized access, disclosure, acquisition, destruction, use, or modification that are consistent with industry standards and best practices. Franchisee further agrees to adhere to any applicable law relating to data security. In the event of a suspected or actual data breach, Franchisee will notify HR within 24 hours of becoming aware of the actual or suspected data breach and provide timely updates and information when requested by HR.
Source: Item 22 — Contracts (FDD page 85)
What This Means (2025 FDD)
According to Hardees's 2025 Franchise Disclosure Document, franchisees are responsible for maintaining the necessary technology for operational efficiency and communication with Hardees's systems. Specifically, the franchisee must keep its computer system in good repair and make any additions, changes, modifications, substitutions, and replacements to its computer hardware, software, telephone and power lines, and other computer-related facilities as directed by Hardees. This includes keeping the system up to date to ensure full operational efficiency and communication capability. Upon termination or expiration of the Franchise Agreement, all computer software, disks, tapes, and other magnetic storage media must be returned to Hardees in good operating condition, with exceptions for normal wear and tear.
Hardees franchisees must also use administrative, physical, and technical safeguards to protect systems and data from unauthorized access, disclosure, acquisition, destruction, use, or modification, consistent with industry standards and best practices. Franchisees must adhere to any applicable law relating to data security. In the event of a suspected or actual data breach, the franchisee must notify Hardees within 24 hours and provide timely updates and information when requested. Compliance with industry standards and best practices regarding breach reporting and notification obligations is mandatory, and franchisees must take all necessary and appropriate corrective action to remedy the data breach and prevent recurrence.
Furthermore, Hardees franchisees are required to use the proprietary software program, system documentation manuals, and other proprietary materials required by Hardees in connection with the operation of the franchised restaurant. Franchisees must also input and maintain data and information in their computers as prescribed by Hardees in the OPM, software programs, or documentation. They are also required to purchase new or upgraded software programs, system documentation manuals, and other proprietary materials at then-current prices whenever adopted system-wide by Hardees. Franchisees must comply with Point to Point Credit Encryption Standards (P2PE) and the Payment Card Industry Data Security Standard (PCI DSS) at all times, upgrading their technology at their own expense if necessary to maintain compliance and engage any vendor that Hardees designates to ensure data security and compliance with P2PE and PCI DSS. Continuous compliance must be maintained, and franchisees must attest annually by providing a completed and signed PCI Attestation of Compliance (AOC) to Hardees.