Enter your idea

We use Smartly payroll which integrates with Xero. There is a lot of sensitive information in this file which other employees are privy to if they go looking.
Can you please look at the ability to lock certain supplier contacts to ensure this sensitive information is not being viewed by employees who shouldn't see it?

Please can Xero make an amendment to it's software so that where necessary Contacts can be check marked to indicate "Private" to restrict viewing to say Finance only. An invoice from a Supplier may be very private and should not be seen by all users of the Purchases module. Such contacts may have a legal or special consultancy bias.

The current user role options are not sufficient to ensure compliance with GDPR. All users currently have access to all contacts however, this causes issues when posting net pay and dividends etc from the bank rec page as it creates a contact which can be viewed with detailed transactions. I have tried the same from the cash coding page and it simply allocates a contact name 'Unknown' when you omit the contact. Can Xero introduce an option to apply a lock on certain contacts?

I get a lot of requests from clients that they would like their sales reps to be able to send statements this is not possible from invoice only settings. |Please add statements as optional field

Further to select certain customers access to certain users as different sales reps do not want see all the sales reps sales numbers

This and the inability to handle bulk payment allocation for non-home currency are in my opinion the top crutches for Xero taking over the world.
Overall, I love the product and the API services are second almost to none however, the Product Owner/Manager in charge of the backlog should (in my opinion) pause all other jobs underway and prioritise these two topics - particularly the Contact privacy one.
In essence, they're telling all UK and EU users that you either use a workaround outside of Xero to manage contractors and staff payments or blatantly violate GDPR and foster turmoil amongst professionals.

My vested interest aside, I would to see you guys win.

It would be very useful to have the ability to make a contact record confidential to certain users. For example, I would like a member of staff to access Xero to create invoices and quotes, but currently they would be able to access their colleagues contact details on Xero, details that we need to keep confidential ie. bank details, net pay amounts etc. So I am not able to give them access to Xero for quoting purposes.

All the access settings on Xero are daft (especially for bank accounts!!!). We had employees checking other employees 'contact' to see their net pay listed there from from the bank rec. I have since created a contact named PAYE and post all the salary payments to that, it seems to have stumped them. We don't use Xero Payroll so not sure whether payroll has to link to the individual contact.

It is utterly pointless having restricted access to protect the likes of payroll information when it can essentially be accessed by even basic users through contacts. An extremely basic requirement that really lets Xero down compared to other platforms

For certain users we need to restrict their access to view invoice detail for particular suppliers due to confidentiality issues. Adding a field to contact details seems to be the solution. We are evaluating other software suppliers as a switch might be necessary if this can't be resolved.

why would you have the Payroll admin option for each user if then ANYONE with access to the report can see the payroll of everyone? it makes no sense AT ALLL

Managers posting invoices can see directors dividends - need to make confidential

This is causing us an issue with regard to staff being able to see other members of staff salary payments, as each member of staff is set up as a contact.

We really need our purchasing team to have access to only the contacts that they manage rather than all suppliers. Each member of the team will work closely with you to specific suppliers and some have similar names or departments within their own organisation that are classes as separate entities therefore it is critical that our team can only contact and raise PO’s for their allocated suppliers so that they don’t raise them in error to the incorrect supplier. Please can you provide a timeline for when this could be implemented.

Does anyone know if this is in the pipeline at all? I have a client who is desperate for certain users not to be able to access transaction information on Contact records due to pay issues.
It would be so much easier if I could put all employee & Directors Contact records into a Private group that was password protected or you could restrict access to.

This is would perfect if you would make a contact private, as an example we require the admin roles to have access to bank transactions in order to complete the reconciliation and assigning of costs, however this means that each can see the others payments, even with no payroll access, and if/when they receive a bonus. Which is not the same for each employee. To be able to hide this information would not only protect employees but maintain cohesion in the office.

I have clients that do not want to switch to Xero because we cannot hide private contacts or hide choose what bank accounts a user has access to.

has this been revolved

This is a GDPR issue for UK users and needs fixed asap! XERO PLEASE LISTEN TO YOUR USER COMMENTS. Thanks.

I need a way of assigning a sales rep ful access just to her customers and no access to any other contact.

Please make it possible to restrict contact's financial details and past salaries/bills/invoices.