Responsible data use at Xero

Xero is committed to using data responsibly and being transparent about how we manage and use data.

A small business owner reads about responsible data use on their phone while waiting for coffee from a barista.

Using data to drive innovation

We use data to create innovative products and features for our customers. These help small businesses save time and make better decisions, and give advisors the information they need to help their clients thrive. Data is critical to innovation, and the opportunities to put it to work for the benefit of our customers are exciting.

With these opportunities, comes an obligation to use data responsibly, which we take very seriously. In 2020, we made a company-wide pledge to responsible data use and introduced a set of commitments into our business. These were updated in 2024, to ensure that as technologies continue to evolve, we keep pace with how we manage and use data.

Xero’s responsible data use commitments

Our responsible data use commitments guide our behaviour and decisions in every area of data use, from technology investments and product development, to partnerships and acquisitions.

We believe this approach aligns with our customers’ expectations of Xero, and our vision to be the most trusted and insightful small business platform.

Prioritising security and privacy

We are committed to keeping data secure and protecting individuals’ privacy at all times. This means:

  • we have robust security processes aligned to the ISO 27001 and SOC 2 standards
  • we benchmark ourselves against leading global standards for privacy and data protection, such as the European General Data Protection Regulation
  • we practise privacy and security ‘by design’ – through our processes, governance, and internal education
  • we take a rigorous approach to aggregating and anonymising data to share insights that benefit the small business community (for example, in Xero Small Business Insights)

Empowering customers

We are committed to using technology and data to amplify human potential. This means:

  • we provide pragmatic advice for customers in leveraging technology for their own businesses
  • we give customers back time to focus on high value work through automation of tedious, repetitive tasks
  • we use data and AI to uplift the customer’s ability to leverage insights and make the best available decisions
  • we uphold customer autonomy over their business operations, giving them agency to act

Innovating responsibly

We are committed to thoughtfully leveraging new technologies to power innovation. This means:

  • we evaluate the latest technologies for their potential to drive innovation for our customers, and invest in the ones that will
  • we always assess the capabilities of a technology, including their accuracy and trustworthiness, before we release those capabilities
  • we actively monitor newly released capabilities to ensure that they are working in the way they should

Communicating transparently

We are committed to transparency about how we use AI and your data. This means:

  • we tell you in plain language how we use customer data; see our terms of use, privacy notice and data processing terms
  • we will only share your data with ecosystem partners with your express consent
  • we are transparent about where we use AI systems in our products and services

Creating a thriving ecosystem

We are committed to helping our customers confidently connect their Xero data to a vibrant and growing ecosystem. This means:

  • we enable customers to leverage the full power of their Xero data by connecting to the best apps for their needs
  • we support our ecosystem partners to meet standards to protect and secure customer data as set out in our developer platform terms and conditions
  • we strive to minimise any barriers to third-party innovation in alignment with our Xero ecosystem principles