factual

What section of the Sonesta Simply Suites agreement discusses information security?

Sonesta_Simply_Suites Franchise · 2025 FDD

Answer from 2025 FDD Document

You must comply with all applicable laws, including laws related to data privacy and data security laws and regulations that may be applicable to your Hotel, including any requirements of the credit card processing industry, including PCI DSS and any successor standard, and the information that your Hotel collects from its customers and prospective customers, employees and other such third parties, and any information that can be used to identify an individual, including names, addresses, telephone numbers, email addresses, employee identification numbers, signatures, passwords, financial information, credit card information, biometric or health data, government-issued identification numbers and credit report information ("Personal Information"). All such laws and regulations are hereinafter called "Information Privacy Laws."

You hereby agree that we are the data controller of any and all Personal Information that we share with you or your representatives. You acknowledge and agree that all such Personal Information is Confidential Information subject to Section 6 and may not be shared with any third-party of any kind without our express authorization.

Source: Item 22 — CONTRACTS (FDD pages 79–80)

What This Means (2025 FDD)

According to the 2025 Sonesta Simply Suites Franchise Disclosure Document, Section 8 of the franchise agreement outlines the franchisee's obligations regarding data privacy and security. Specifically, it mandates compliance with all applicable laws, including those related to data privacy and security, such as PCI DSS standards for credit card processing. This encompasses the handling of Personal Information collected from customers, prospective customers, employees, and other third parties.

The agreement defines Personal Information as any data that can identify an individual, including names, addresses, phone numbers, email addresses, employee identification numbers, signatures, passwords, financial information, credit card information, biometric or health data, government-issued identification numbers, and credit report information. Sonesta Simply Suites designates itself as the data controller for any Personal Information shared with the franchisee, emphasizing that such information is Confidential Information subject to Section 6 of the agreement and cannot be shared with third parties without express authorization.

This section of the agreement places a significant responsibility on the Sonesta Simply Suites franchisee to protect sensitive data and adhere to all relevant legal and industry standards. It also gives Sonesta Simply Suites control over how personal information is handled, limiting the franchisee's ability to share data. Franchisees must understand and implement appropriate security measures to safeguard Personal Information and maintain compliance with Information Privacy Laws throughout the term of the agreement and even after its termination.

Disclaimer: This information is extracted from the 2025 Franchise Disclosure Document and is provided for research purposes only. It does not constitute legal or financial advice. Consult with a franchise attorney before making any investment decisions.
All Sonesta_Simply_Suites 2025 FAQs Ask FDD Ninja