Cybersecurity Risk Management and Strategy Disclosure

12 Months Ended

Dec. 31, 2025

Cybersecurity Risk Management, Strategy, and Governance [Line Items]

Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

In many areas, the Company is dependent upon computer systems, devices and communications networks to efficiently collect, process and store data necessary to conduct many aspects of its business. For example, the Company:

	·	collects and processes transactions in its Craft Pizza & Pub locations using point-of-purchase equipment
	·	transmits credit card information from customers through credit/debit card processing terminals in its Craft Pizza & Pub locations
	·	collects, transmits and stores personnel data relating to employment and payroll
	·	collects and transmits data related to employee health insurance enrollments
	·	collects, stores and uses customer data in a voluntary email and loyalty program for marketing purposes – this data is limited to names, email addresses and other very limited information such as restaurant location preference
	·	collects, stores and uses customer data if they voluntarily elect to use Company online ordering services through its website and phone applications – these services are managed by third parties and the data collected could include credit/debit card numbers as well as certain consumer-identifiable data
	·	collects, stores and uses customer data if they voluntarily elect to use Company online gift card purchasing services through its website and phone applications – the electronic service aspects are managed by third parties, and the data collected includes credit/debit card numbers as well as certain consumer-identifiable data
	·	the collection and processing of sales and royalty information from franchisees, and the frequent execution of ACH transactions to collect those royalties

Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]

false

Cybersecurity Risk Role of Management [Text Block]

This list is not exhaustive and is only meant to provide examples of the types of information the Company collects, stores and processes directly. Additionally, the Company uses third parties to assist in some services, such as health insurance, third-party home delivery services and third-party web ordering services. These third parties are also subject to cybersecurity risks, and the Company can have no assurance that their cybersecurity measures would prevent security threats from being successful.

The Company recognizes the importance of protecting both its information and operations from threats that could disrupt its business or compromise the Company’s customer, franchisee and employee data. The Company’s cybersecurity is implemented and maintained using security procedures, hardware, software and services that are reviewed and updated as needed on a periodic basis. The Company retains the professional services of a long-established and local information technology (“IT”) company on retainer to assist it with IT issues of various kinds, including the maintenance or upgrade of corporate-level IT hardware, security, data back-up and recovery, etc.

As of the date of this Annual Report, the Company is not aware of any previous cybersecurity breaches that have materially affected the Company. However, the Company acknowledges that cybersecurity threats are continually proliferating and evolving, and the possibility of future cybersecurity incidents remains. Security measures cannot guarantee that a significant cybersecurity attack will not occur. While the Company intends to devote increasing resources to its cybersecurity measures beyond those currently in place and designed to protect systems and information, no security measure is infallible. As discussed, the Company relies on many third parties for various aspects of its data collection, processing and storage, and thus also relies on those third parties to provide continuing cybersecurity but does not control their ability to do so.

The Company’s management, with the input of the Company employees as well as external experts, who may be consulted from time to time, will report on the Company’s cybersecurity efforts to the entire Board of Directors on a periodic basis.