What is the Learningrx franchisee's obligation regarding the collection of Personal Information?
Learningrx Franchise · 2025 FDDAnswer from 2025 FDD Document
In the operation of the LearningRx Franchised Business, Franchisee will receive "Customer Data." "Customer Data" is information, records, lists or data that contains "Personal Information." "Personal Information" includes information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, potential consumer, individual or household, as such term may be further defined or amended by applicable federal, state and local statutes, regulations, ordinances and requirements, including but not limited to, the California Consumer Privacy Act.
Personal Information is collected, maintained or generated in the operation of the LearningRx Franchised Business, including through the use of a point of sale system.
(a) Franchisee agrees, at its sole cost and expense, to at all times:
(b) comply with the data protection, collection, maintenance and use requirements for Customer Data set out in the Operations Manual and this Franchise Agreement, including all policies, procedures and controls that Franchisor implements now or in the future;
(c) comply with all applicable federal, state and local statutes, regulations, ordinances and requirements, including but not limited to, the California Consumer Privacy Act, relating to the data protection, collection, maintenance and use of Customer Data (collectively, "Privacy Laws");
(d) assist and otherwise cooperate with Franchisor to ensure Franchisor's and Franchisee's compliance with applicable Privacy Laws;
(e) promptly notify Franchisor in writing of any Security Incident (defined below) that Franchisee becomes aware of or discovers.
Franchisee will assist and otherwise cooperate with Franchisor to investigate any such Security Incident and will take all required steps, as determined by Franchisor, to remedy Franchisee's noncompliance with applicable Privacy Laws, this Agreement or the Operations Manual.
Source: Item 23 — RECEIPT (FDD pages 54–209)
What This Means (2025 FDD)
According to the 2025 Learningrx Franchise Disclosure Document, franchisees have specific obligations regarding the collection, maintenance, and use of customer data, which includes Personal Information. Customer Data encompasses any information, records, lists, or data containing Personal Information. Personal Information is broadly defined as any data that identifies, relates to, describes, or could be linked to a particular consumer, potential consumer, individual, or household, and is subject to federal, state, and local statutes like the California Consumer Privacy Act. This data is collected and maintained through various means, including point of sale systems used in the Learningrx franchised business.
Learningrx franchisees are required to comply with data protection requirements outlined in the Operations Manual and the Franchise Agreement. This includes adhering to all policies, procedures, and controls implemented by Learningrx, both present and future. Franchisees must also comply with all applicable Privacy Laws, including federal, state, and local statutes, regulations, ordinances, and requirements related to data protection. They are obligated to assist and cooperate with Learningrx to ensure compliance with these Privacy Laws.
Furthermore, Learningrx franchisees must promptly notify Learningrx in writing of any Security Incident they become aware of or discover. They are also required to assist and cooperate with Learningrx in investigating any such Security Incident. Franchisees must take all necessary steps, as determined by Learningrx, to remedy any noncompliance with applicable Privacy Laws, the Franchise Agreement, or the Operations Manual. These obligations are at the franchisee's sole cost and expense, highlighting the financial responsibility franchisees bear in maintaining data protection standards.
In practical terms, this means a prospective Learningrx franchisee needs to be prepared to invest in systems and training to ensure compliance with evolving data privacy regulations. They must also establish procedures for promptly identifying and reporting security incidents. The broad definition of Personal Information and the reference to laws like the California Consumer Privacy Act suggest that Learningrx franchisees need to stay informed about changes in privacy laws and adapt their practices accordingly. The franchisor's right to determine the steps needed to remedy noncompliance also implies that franchisees must be prepared to implement changes directed by Learningrx to address any data protection issues.