In the event of a Data Breach, what rights does Moes Southwest Grill have regarding investigation and remediation?
Moes_Southwest_Grill Franchise · 2025 FDDAnswer from 2025 FDD Document
In the event of an actual or suspected Data Breach, you grant us and our designees and agents the right, exercisable in our sole and absolute discretion, to conduct an investigation of the incident and to install, run, and maintain any hardware, software, or code on your Computer System or in your computer network necessary or advisable to facilitate the investigation and to contain and remediate the incident, and you agree to cooperate with us and to provide us with any access and information we may reasonably request for those purposes.
Nothing in the preceding sentence shall relieve you of your obligation to comply with applicable laws, regulations, rules, standards or any equivalent thereof concerning an actual or suspected Data Breach.
You are responsible for any costs or financial losses you incur or remedial actions that you must take as a result of an actual or suspected Data Breach.
Source: Item 22 — Contracts (FDD page 92)
What This Means (2025 FDD)
According to the 2025 Moe's Southwest Grill Franchise Disclosure Document, in the event of an actual or suspected data breach, franchisees grant Moe's Southwest Grill and its designated agents the right to investigate the incident. This right is exercisable at Moe's Southwest Grill's sole and absolute discretion. Moe's Southwest Grill can install and maintain hardware, software, or code on the franchisee's computer systems or network to facilitate the investigation, contain the incident, and remediate the issues. The franchisee is obligated to cooperate with Moe's Southwest Grill and provide any access and information reasonably requested for these purposes.
It's important to note that these rights do not relieve the franchisee of their obligation to comply with all applicable laws, regulations, rules, and standards concerning data breaches. The franchisee remains responsible for any costs, financial losses, or remedial actions they must take as a result of a data breach. This means that while Moe's Southwest Grill can step in to investigate and help remediate, the ultimate financial responsibility for dealing with the breach falls on the franchisee.
Furthermore, franchisees are required to use vendors that provide security services consistent with Moe's Southwest Grill's privacy requirements, potentially including approved suppliers designated by Moe's Southwest Grill. Franchisees must also submit annual proof of PCI-DSS compliance and provide evidence of compliance with privacy requirements upon request. Moe's Southwest Grill may also require franchisees to conduct periodic security audits through approved vendors. If a security breach is suspected or known, the franchisee must immediately notify Moe's Southwest Grill and promptly remediate the source of the breach at their own expense. Franchisees are also responsible for providing all breach notifications and monitoring credit histories related to the breach.