What specific security measures is a Moes Southwest Grill franchisee currently required to maintain?
Moes_Southwest_Grill Franchise · 2025 FDDAnswer from 2025 FDD Document
We require that you use vendors (and may require you to use one or more Approved Suppliers that we designate) to provide security services that are consistent with the Privacy Requirements.
We currently require you to use a managed firewall, conduct a quarterly network scan, maintain anti-virus/anti-malware software, and use managed Wi-Fi, but we may modify from time to time the specific security measures that you must maintain.
We require that you submit annually proof of your PCI-DSS compliance status, and we may require you to provide evidence of compliance with applicable Privacy Requirements upon our request.
We may require you to use vendors or Approved Suppliers to conduct periodic security audits to ensure that personal data is adequately protected.
We may require you to provide, or make available, to us copies of any audits, scanning results, or related documentation relating to such compliance or audits.
We may charge a reasonable fee for us to review your systems and verify your compliance with these requirements, which will not exceed 110% of our or our affiliates' actual costs and expenses related to such services.
If you suspect or know of a security breach, you must immediately give us notice of such security breach and promptly identify and remediate the source of any compromise or security breach at your expense.
You assume all responsibility for providing all notices of breach or compromise and all duties to monitor credit histories and transactions concerning customers of the Franchised Business.
- 12.3 Data Breach Notification.
If you learn of an incident that may be a "breach of the security of the system" under Cal.
Civ.
Code § 1798.82 or any other data breach notification Law, you must immediately notify us of the facts that are known about the incident (a "Data Breach").
Although you are responsible for complying with all data breach notification Laws and standards applicable to your organization, we expect that you will coordinate with us regarding such incidents where notification to individuals is required before individuals are notified so that we can be aware of and be prepared to address issues that may affect the System and be in a position to support you where possible.
Source: Item 22 — Contracts (FDD page 92)
What This Means (2025 FDD)
According to the 2025 FDD, Moes Southwest Grill requires franchisees to maintain specific security measures to protect personal data and ensure PCI-DSS compliance. Currently, franchisees must use a managed firewall, conduct quarterly network scans, maintain anti-virus/anti-malware software, and use managed Wi-Fi. However, Moes Southwest Grill may modify these specific security measures from time to time.
Moes Southwest Grill also requires franchisees to submit annual proof of their PCI-DSS compliance status and may request evidence of compliance with applicable Privacy Requirements. Additionally, Moes Southwest Grill may require franchisees to use approved vendors to conduct periodic security audits to ensure personal data is adequately protected. Franchisees may also be required to provide copies of audits, scanning results, or related documentation to Moes Southwest Grill upon request.
If a security breach is suspected or known, franchisees must immediately notify Moes Southwest Grill and promptly identify and remediate the source of the breach at their own expense. Franchisees are responsible for providing all breach notifications and monitoring credit histories and transactions concerning customers of the Franchised Business. Moes Southwest Grill expects franchisees to coordinate with them regarding data breach incidents where notification to individuals is required, to address issues that may affect the System and support the franchisee where possible.
Moes Southwest Grill may charge a reasonable fee, not exceeding 110% of their actual costs, to review a franchisee's systems and verify compliance with these security requirements. These measures are in place to protect customer data and maintain the integrity of the Moes Southwest Grill system, and non-compliance can have serious repercussions for a franchisee.