factual

What is the Learningrx franchisee's obligation regarding the data protection of Customer Data?

Learningrx Franchise · 2025 FDD

Answer from 2025 FDD Document

dingly, all references in this Agreement to Franchisee's obligations under this Agreement, including to the Center, equipment, procedures, products and materials, shall include such mandatory specifications,

standards, and operating procedures. Franchisor reserves the right to require Franchisee to add additional products or concepts to the Business in the future, at Franchisee's expense.

  • 12.3 Privacy Laws. In the operation of the LearningRx Franchised Business, Franchisee will receive "Customer Data." "Customer Data" is information, records, lists or data that contains "Personal Information." "Personal Information" includes information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, potential consumer, individual or household, as such term may be further defined or amended by applicable federal, state and local statutes, regulations, ordinances and requirements, including but not limited to, the California Consumer Privacy Act. Personal Information is collected, maintained or generated in the operation of the LearningRx Franchised Business, including through the use of a point of sale system.
    • (a) Franchisee agrees, at its sole cost and expense, to at all times:
  • (b) comply with the data protection, collection, maintenance and use requirements for Customer Data set out in the Operations Manual and this Franchise Agreement, including all policies, procedures and controls that Franchisor implements now or in the future;
  • (c) comply with all applicable federal, state and local statutes, regulations, ordinances and requirements, including but not limited to, the California Consumer Privacy Act, relating to the data protection, collection, maintenance and use of Customer Data (collectively, "Privacy Laws");
  • (d) assist and otherwise cooperate with Franchisor to ensure Franchisor's and Franchisee's compliance with applicable Privacy Laws;
  • (e) promptly notify Franchisor in writing of any Security Incident (defined below) that Franchisee becomes aware of or discovers. Franchisee will assist and otherwise cooperate with Franchisor to investigate any such Security Incident and will take all required steps, as determined by Franchisor, to remedy Franchisee's noncompliance with applicable Privacy Laws, this Agreement or the Operations Manual. For purposes of this Section 12.03, "Security Incident" means any actual or suspected accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Data in violation of applicable Privacy Laws, this Agreement or the Operations Manual.
  • (f) promptly provide Franchisor with the ability to delete, access or copy Customer Data in Franchisee's possession or control;
  • (g) promptly notify Franchisor of any request regarding Customer Data received by the Franchisee from a "consumer" as defined by applicable Privacy Laws;
  • (h) adopt policies, procedures, and controls, including those set out in the Operations Manual, if any, that enable Franchisee to respond, and to cause its agents and employees to respond, promptly to any rights request made pursuant to applicable Privacy Laws, including any disclosure request, deletion request, or opt-out request;
  • (i) adopt policies, procedures, and controls, including those set out in the Operations Manual, if any, that limit access to Customer Data to only those employees that have a need-to-know basis based on specific job function or role. Franchisee will provide data privacy and security training to employees who have access to Customer Data or who operate or have access to system controls and will require employees to adhere to data confidentiality terms providing for the protection of Customer Data in accordance with this Agreement and the Operations Manual; and

  • (j) maintain Customer Data in confidence in accordance with Section 7 of this Franchise Agreement.
  • 12.4 Uniformity and Image. In order to maintain uniform standards of quality, appearance, and marketing, it is essential that Franchisee conform to Franchisor's standards and specifications.

Source: Item 23 — RECEIPT (FDD pages 54–209)

What This Means (2025 FDD)

According to Learningrx's 2025 Franchise Disclosure Document, franchisees have several obligations regarding the protection of customer data. "Customer Data" includes any information that can identify a consumer, potential consumer, individual, or household, as defined by applicable privacy laws like the California Consumer Privacy Act. This data is collected and maintained during the operation of the Learningrx franchised business, including through point of sale systems.

Learningrx franchisees must comply with data protection requirements outlined in the Operations Manual and the Franchise Agreement, including all current and future policies, procedures, and controls. They must also adhere to all applicable federal, state, and local statutes, regulations, ordinances, and requirements related to data protection, collection, maintenance, and use of Customer Data, collectively known as "Privacy Laws". Franchisees are required to assist and cooperate with Learningrx to ensure compliance with these Privacy Laws.

Furthermore, Learningrx franchisees must promptly notify Learningrx of any Security Incident, defined as any actual or suspected accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to Customer Data. Franchisees must also assist Learningrx in investigating any Security Incident and take all necessary steps to remedy any noncompliance with Privacy Laws, the Franchise Agreement, or the Operations Manual, as determined by Learningrx. Franchisees are obligated to provide Learningrx with the ability to delete, access, or copy Customer Data in their possession and must notify Learningrx of any requests regarding Customer Data received from a consumer as defined by applicable Privacy Laws.

To ensure compliance, Learningrx franchisees must adopt policies, procedures, and controls that enable them and their employees to respond promptly to any rights request made pursuant to applicable Privacy Laws, including disclosure, deletion, or opt-out requests. Access to Customer Data should be limited to employees with a need-to-know based on their job function. Franchisees are also required to provide data privacy and security training to employees who access Customer Data or system controls and ensure they adhere to data confidentiality terms. Finally, franchisees must maintain Customer Data in confidence, as outlined in Section 7 of the Franchise Agreement.

Disclaimer: This information is extracted from the 2025 Franchise Disclosure Document and is provided for research purposes only. It does not constitute legal or financial advice. Consult with a franchise attorney before making any investment decisions.
All Learningrx 2025 FAQs Ask FDD Ninja