Permissions | Contacts - Private or limited access to certain contacts
It would be great if it is possible to make a contact private in order to limited the users who has access to a contact, especially when the contact contains private information that should not be accessible by all users.

-
Rupal Shah commented
This is so critical for our business. We are a small business and require confidentiality over some nominal codes, contacts etc. At the moment everyone can see almost everything.
-
Margaux Myburgh commented
Adding the option of blocking a user from seeing certain contacts. E.g. having a sales manager who can see the salaries of all they employees, which can cause some ruptions. Having the option to block the user from seeing certain contacts, would help this.
-
K C Lam commented
This is becoming critical and urgent as a result of the phasing out of Pay Run. Posting payroll as a bill or manual journal will result in all users in the system being able to view pay sensitive data.
My suggestion is to keep Contact Employees active and not disable it, and the Organization Settings, Users, "Payroll Admin" to be renamed "Employee Contacts" and the Admin to check or uncheck for each User.
Let subscribes pick and choose on how to use that feature.Just a point of inconsistent behaviour of Xero, I requested for duplicated and error entries of Supplier and Customer contacts to be deleted permanently, but the request was declined and was informed that all contacts will be Archived in Xero.
HOWEVER WITH THE PHASE OUT OF PAY RUN, ALL CONTACTS "EMPLOYEES" HAVE BEEN DISABLED, NOT EVEN ARCHIVED! -
Denise Hastings commented
We use Smartly payroll which integrates with Xero. There is a lot of sensitive information in this file which other employees are privy to if they go looking.
Can you please look at the ability to lock certain supplier contacts to ensure this sensitive information is not being viewed by employees who shouldn't see it? -
Malcolm White commented
Please can Xero make an amendment to it's software so that where necessary Contacts can be check marked to indicate "Private" to restrict viewing to say Finance only. An invoice from a Supplier may be very private and should not be seen by all users of the Purchases module. Such contacts may have a legal or special consultancy bias.
-
Sandra Cornwell commented
The current user role options are not sufficient to ensure compliance with GDPR. All users currently have access to all contacts however, this causes issues when posting net pay and dividends etc from the bank rec page as it creates a contact which can be viewed with detailed transactions. I have tried the same from the cash coding page and it simply allocates a contact name 'Unknown' when you omit the contact. Can Xero introduce an option to apply a lock on certain contacts?
-
Isabel van der Westhuizen commented
I get a lot of requests from clients that they would like their sales reps to be able to send statements this is not possible from invoice only settings. |Please add statements as optional field
Further to select certain customers access to certain users as different sales reps do not want see all the sales reps sales numbers
-
Thato Benedict commented
This and the inability to handle bulk payment allocation for non-home currency are in my opinion the top crutches for Xero taking over the world.
Overall, I love the product and the API services are second almost to none however, the Product Owner/Manager in charge of the backlog should (in my opinion) pause all other jobs underway and prioritise these two topics - particularly the Contact privacy one.
In essence, they're telling all UK and EU users that you either use a workaround outside of Xero to manage contractors and staff payments or blatantly violate GDPR and foster turmoil amongst professionals.My vested interest aside, I would to see you guys win.
-
Emma Pearce commented
It would be very useful to have the ability to make a contact record confidential to certain users. For example, I would like a member of staff to access Xero to create invoices and quotes, but currently they would be able to access their colleagues contact details on Xero, details that we need to keep confidential ie. bank details, net pay amounts etc. So I am not able to give them access to Xero for quoting purposes.
-
Jade Hoyle commented
All the access settings on Xero are daft (especially for bank accounts!!!). We had employees checking other employees 'contact' to see their net pay listed there from from the bank rec. I have since created a contact named PAYE and post all the salary payments to that, it seems to have stumped them. We don't use Xero Payroll so not sure whether payroll has to link to the individual contact.
-
Emma Hannant commented
It is utterly pointless having restricted access to protect the likes of payroll information when it can essentially be accessed by even basic users through contacts. An extremely basic requirement that really lets Xero down compared to other platforms
-
Susan Appleton commented
For certain users we need to restrict their access to view invoice detail for particular suppliers due to confidentiality issues. Adding a field to contact details seems to be the solution. We are evaluating other software suppliers as a switch might be necessary if this can't be resolved.
-
Sabrina Pernas commented
why would you have the Payroll admin option for each user if then ANYONE with access to the report can see the payroll of everyone? it makes no sense AT ALLL
-
Gareth Jones commented
Managers posting invoices can see directors dividends - need to make confidential
-
Ian Beardmore commented
This is causing us an issue with regard to staff being able to see other members of staff salary payments, as each member of staff is set up as a contact.
-
Sally Rowe commented
We really need our purchasing team to have access to only the contacts that they manage rather than all suppliers. Each member of the team will work closely with you to specific suppliers and some have similar names or departments within their own organisation that are classes as separate entities therefore it is critical that our team can only contact and raise PO’s for their allocated suppliers so that they don’t raise them in error to the incorrect supplier. Please can you provide a timeline for when this could be implemented.
-
Lisa Clark commented
Does anyone know if this is in the pipeline at all? I have a client who is desperate for certain users not to be able to access transaction information on Contact records due to pay issues.
It would be so much easier if I could put all employee & Directors Contact records into a Private group that was password protected or you could restrict access to. -
Michelle Williams commented
This is would perfect if you would make a contact private, as an example we require the admin roles to have access to bank transactions in order to complete the reconciliation and assigning of costs, however this means that each can see the others payments, even with no payroll access, and if/when they receive a bonus. Which is not the same for each employee. To be able to hide this information would not only protect employees but maintain cohesion in the office.
-
Landon Brockman commented
I have clients that do not want to switch to Xero because we cannot hide private contacts or hide choose what bank accounts a user has access to.
-
Alicia Morgan commented
has this been revolved