Refuse Or Accept

Read Xero’s Terms and Conditions and then weep!

I am looking for an online accounting package. Xero is highly recommended so, just because I do this sort of thing, I read through the Terms and Conditions. I must be the only non-Xero employee to do this! I am amazed. To my mind it is unconscionably one-sided…

In fact, Xero’s conditions have the following consequences:

  • Any error in the software (e.g. wrong arithmetic error, tax calculation, loss of data, etc.) is your problem. Worse than that, it is your responsibility to verify that the software works correctly (that is, you need to make sure it stores the information you give it reliably and calculates all results without error).
  • If you breach the agreement, they can remove access to your data. Although they do say the data is yours, it is just that you can’t have access to it.
  • Xero have no obligation to maintain your data – Xero expressly says it is up to you to maintain your data and backups (not them).
  • If Xero has to close for any reason, you lose all access to your data (there is no right for you to recover your data). Oh, and if you close you (and your accountant, insolvency lawyer, etc.) may lose access to all data.
  • If the service does not work as advertised – your problem.
  • If Xero is negligent – your problem.
  • If Xero has an outage for any reason (e.g. just before tax returns are due in when the load is heaviest) – your problem.

To make this clear, if you lose access to your data then you are entering the arena of disaster recovery. According to Evolven Insights “On average, businesses lose between $84,000 and $108,000 (US) for every hour of IT system downtime.” The numbers for your business will be different and this is *just* about accounts, but how long could you survive without your accounting system? How long would it take to re-key all the data?

If a car was sold with similar conditions, would you buy it? To be comparable, the car would have no warranty and any problems are your sole responsibility. In fact, let’s imagine you were driving your new car home, the wheels fell off and you had a serious accident involving several other vehicles.  That would be your problem and liability. To be fair, you might get the cost of the car back as a full and final remedy!

The time for such unconscionable contracts is over. Companies providing services and products should not be able to remove their liability for anything to do with the service or product that they advertise.

Perhaps the regulators are beginning to take notice in Australia. They have to stepped in because individuals are powerless in the face of large corporations. It was reported, on the 18th December 2013, in the Sydney Morning Herald that “The Australian Competition and Consumer Commission (ACCC)  found Apple and its suppliers told customers it did not have to provide a refund, repair or replace products with a ‘major failure’, when in fact consumers should have been allowed to choose either a refund or replacement. And that consumers should have been entitled to free repairs, refunds or replacements for products with minor faults.”

Let’s hope the ACCC starts to review all these unconscionable contracts on our behalf and takes action to remedy them.

So back to my problem – which accounting package to choose? Excel is looking quite reasonable at the moment!



The clauses in detail are:


7.1 To the maximum extent permitted by law, Xero excludes all liability and responsibility to You (or any other person) in contract, tort (including negligence), or otherwise, for any loss (including loss of information, Data, profits and savings) or damage resulting, directly or indirectly, from any use of, or reliance on, the Service or Website.

7.2 If You suffer loss or damage as a result of Xero’s negligence or failure to comply with these Terms, any claim by You against Xero arising from Xero’s negligence or failure will be limited in respect of any one incident, or series of connected incidents, to the Access Fees paid by You in the previous 12 months.

7.3 If You are not satisfied with the Service, Your sole and exclusive remedy is to terminate these Terms in accordance with Clause 8.

4. Breach: If You:

a. breach any of these Terms (including, without limitation, by non-payment of any Access Fees) and do not remedy the breach within 14 days after receiving notice of the breach if the breach is capable of being remedied;

b. breach any of these Terms and the breach is not capable of being remedied (which includes (without limitation) any breach of clause 3.4 or any payment of Access Fees that are more than 30 days overdue); or

c. You or Your business become insolvent or Your business goes into liquidation or has a receiver or manager appointed of any of its assets or if You become insolvent, or make any arrangement with Your creditors, or become subject to any similar insolvency event in any jurisdiction,

Xero may take any or all of the following actions, at its sole discretion:

d. Terminate this Agreement and Your use of the Services and the Website;

e. Suspend for any definite or indefinite period of time, Your use of the Services and the Website;

f. Suspend or terminate access to all or any Data.

5.3 Backup of Data: You must maintain copies of all Data inputted into the Service. Xero adheres to its best practice policies and procedures to prevent data loss, including a daily system data back-up regime, but does not make any guarantees that there will be no loss of Data. Xero expressly excludes liability for any loss of Data no matter how caused.

6.3 No warranties: Xero gives no warranty about the Services. Without limiting the foregoing, Xero does not warrant that the Services will meet Your requirements or that it will be suitable for any particular purpose. To avoid doubt, all implied conditions or warranties are excluded in so far as is permitted by law, including (without limitation) warranties of merchantability, fitness for purpose, title and non-infringement.

This Post Has 18 Comments

  1. Hi Brian

    Yes, pretty much all T&C’s for cloud based services are one sided – xero isn’t an exception. One reason for this is that data will be stored externally (in xero’s case on rackspace) and the provider of the storage will also give limited contractual protections to xero. So an element of this will be xero reflecting the terms that they’ve had to sign up to.

    Also isn’t this reflected in the price you pay – xero’s premium package if only GBP25 a month? If you want a solution with guaranteed service levels and higher contractual liability limits then you will almost certainly have to pay (a lot) more.

    If you like the service and like the low price then use it. Just make sure you back up your data properly (not on a cloud based service mind if you want any contractual protection!).


    1. Hi Charles,

      I agree that there is some back-to-back risk management between Xero and their service providers for the issues of data security and availability.

      However, compared with a piece of software you run on your own PC:
      – The price is comparable after a year of use (the standard price for Xero is 50 AUD per month which is 600 AUD per year, Sage can be bought outright for 450 GBP);
      – The software supplier has a liability to ensure that the PC software does it’s calculations correctly. On the cloud version this is not the case.

      As you say, you pay your money and make your choice…


    2. Charles, you’re spot on: low price point is exactly the cause of such terms and conditions. If you’re OK with completely trusting your data to a third party, that’s a good deal.

      For those who want the extra safety, I’m developing a new backup & restore tool for Xero. It puts your Xero backup right into Dropbox or Google Drive. That means the data is synced to your own hard drive, and you can restore it anytime. Feel free to join the early access program!

  2. Brian, I have to ask out of curiosity: in spite of the Ts and Cs, did you end up opting for Xero? And if so, why?


    1. Hi Peter,

      As yet I have not made a decision. I’m still thinking about using a spreadsheet simply because of the low number of transactions. If I was running a company, I’m not sure what I’d do though… are you using Xero, if so why did you choose it?


  3. The major problem with cloud providers and our responsibility to take a back up of the data is just what are you backing up and how do you do it.
    Can you do a backup of all the data in a way that allows you to suck it into a CSV file for instance. Check also what is in the data, it is never all the data, only select bits of it. Try backing up you WIP ledger in a format that allows you all the information and time or fixed price amounts, so you can import it into another software package. Haven’t seen it able to be done. Most cloud providers do not let you suck the data out in a way that enables you to walk off to another provider and then import it all into the new provider and start working as if very little has happened. IT is not in their interests to do it. Most backups revolve around printing out, even if in PDF format general ledgers and reports. That’s their interpretation of a backup that the end user can take. IT is not really a backup. So you end up having to leave at a year end or convenient time and reenter all the data or just toals or just work forward with the new supplier. The cloud provider who can give you back all the data you have entered so you can change providers if you wish will be the cloud provider who ultimately wins. I know a lot of people who still do not trust the cloud because of this lose of control of their data.
    Yes it might take some legislation changes to make it happen, so I would be interested to see how ASIC and the Dept of Fair Trading could handle such a difficult task given their record on other matters.

  4. Certainly an interesting interpretation. I’d be very interested in comparing the T&C’s with those of the other cloud based providers, and also those of the desktop providers too.

    Until that’s done, and there is a basis for comparative analysis, I see this as nothing more than scaremongering.

    1. Agree Cassandra. Suggest the writer look at the actual T&C’s of their desk based software.
      My last package Sage 50 says pretty much similar.

  5. Some say – “If I have no guarantee of the safety of my data in the cloud, it is simply reckless to lock it there”

    Fact is, we cannot guarantee the safety of your data in our own custody.

    We can minimize risks (both physical security, also passwords, firewall, anti-virus, anti-spyware, etc) plus power surge protection, but that won’t guarantee you will never need to replace hardware (fire/flood/theft/lightening strike/catastrophic failure) and need to rely on a backup – which won’t help if that is kept locally and subject to the same fire/flood/theft.

    Xero have IT professionals that maintain their hardware, systems and automated backups kept at multiple locations, and the physical and electronic security is vastly superior to vast majority of us who are concerned about security. Xero are transparent about their backup protocol and security standards – how many of us would be comfortable documenting and publishing ours?

    Xero take care of much of the security aspects for us as part of the subscription, so I conclude that my data is far safer in the cloud than in my own PC.
    And if you really want a local backup (which may then be the weakest link regards security), you CAN backup your Xero data – either thru exporting the detail yourself, or thru other cloud services such as
    Unfortunately, cannot restore anything – but Xero can with their nightly backups.

    Compare the terms with books-in-a-box products such as Reckon and MYOB – will they guarantee you won’t lose data by using their system? I think not.

    1. Many thanks for your comments Bradley, Cassandra, David and Ed. The purpose was to raise awareness of the issue rather than pick on a single product. I, too, suspect that all software packages provide similar Terms and Conditions but just because everyone does it, it does not make it right nor acceptable. I think any judge would take a dim view of your speeding ticket if you claimed “well everyone else does it…”.

      One significant difference between desktop software and cloud based software is what happens when someone stops paying. With desktop software the package continues to run (although the results will not keep up with changes in legislation) and you can refer to the data many years later. In fact European Governments were aware of this issue with Microsoft Office documents which is why an open document standard was produced.

      With the cloud solutions, once the grace period is over the data is lost forever. In some cases the grace period is only three months! How does this loss of data stack up with the legal requirement to keep accounts for a period of five or six years? Again, could you say “well, all cloud providers delete the accounts after 3 months…” but I’m not sure the Tax Authorities would be happy.

      In fact, it could be worse… taking another example from Xero’s T&C: “7.3c If you become insolvent… or make any arrangement with your creditors…, at it’s sole discretion, Xero [may] (f) suspend or terminate access to all or any Data.” Think about it: your insolvency practitioner may cease to have no access to the company’s accounts… that would not happen with your desk based solution.

      1. Interesting to now look at the aspect of data access once the subscription lapses.

        Let’s parallel this with physical papers a client may have sent us for processing.
        What then happens if, while these papers were in our custody and control, the client is no longer contactable? (perhaps no longer in business)
        (ICB is an amazing resource I highly recommend to every bookkeeper. Below plagiarized from recent ICB newsletter when quoting a legal eagle at eCollect.)
        Should YOU now be required to care for the security and storage of this data for five or seven years or more? Of course not.
        Sending to the ATO is not an option – they don’t want it.
        There IS an option for bookkeepers and accountants – destruction and disposal.
        Assuming that storage is NOT part of the original engagement letter, if you choose to not be responsible for ongoing storage then the Australian Consumer Law and Fair Trading Act 2012 (“the ACL”) sets out what is required for the disposal of uncollected goods.
        On the assumption that the client is unable to be contacted and has probably gone out of business, it might be issued and that the client records are of low value which means, according to the ACL that they are of less than $200 value.

        To dispose of low value goods pursuant to the ACL, the service provider is required to:
        a) give written notice to the client that the goods are ready for collection. If the client is unable to be contacted, the service provider is required to make reasonable efforts to find the client. No definition of reasonable efforts is provided in the ACL;
        b) wait for 88 days. After 28 days, the goods become “uncollected goods” and then a further 60 days is required before disposal;
        c) dispose of the goods by any means including destruction.

        Section 58 (4) of the ACL says that a service provider who disposes of uncollected goods in accordance with the ACL is not liable in relation to the goods by reason of the disposal.

        Some other options if caught with client records should consider:
        – checking the ASIC and ABN. Lookup websites to see if the business is still in operation. If external management has been appointed, send the records to them;
        – sending records to the registered office of the company;
        – making sure they have addresses and contact points of all directors and sending the records by mail to one of the director’s home addresses. If not known, a company search will reveal.

        1. I forgot to mention the parallel – once the grace period is over, there is no obligation to retain the records and disposal is lawful.

          It is not unreasonable to throw the obligation on the owner of the records to be accountable for storage (if they don’t want to pay for it)

        2. David, I have no problem with what you state – that is, if the record owner decides not to pay for their retention, that is their problem.

          The issue I was raising is different. If money is paid to Xero for account maintenance but:
          *   the record owner becomes insolvent; or
          *   the record owner appoints a receiver or manager;
          then Xero, according to the agreement, can STILL terminate access to the records. In other words, the receiver could continue to pay for access to the accounts but the fact of their appointment could cause their access to be terminated/suspended at Xero’s sole discretion.

          1. Brian

            I would suggest it is most likely that in this scenario, Xero would contact the business owner and offer for them to take over the subscription.
            Rather than make assumptions – I will put this question to them for comment.

  6. And you think Microsoft has better T&C’s??? I suspect if you use excel, visurs’, file corruptions, loss of data, etc, are all YOUR problem, not MS’s!

  7. Reserve powers are not the same as arbitrary abuse … if people pick cloud services based on Goggle Data Liberation Front then that means that aspect is more important than accounting functionality. In fact, that aspect should be what ACCC concentrate on, allow freedom of choice (like mobile phone number transfer) … unfortunately insurance companies haven’t enough acturian data to formulate appropriate policies.

    And having seen some of the US litigation, any lawyer worth their salt tries to protect their client to the limit allowed by law …. which is why laws like TPA are so important. If you are paying someone to take the risk, then look at the sophistication of the buyer/seller (as the credit-default-swaps found out) to see who is on the sharp end of the stick

  8. Brian – great to raise awareness of this issue and T&Cs generally. Whilst we see and applaud the multitude of benefits of Xero and other cloud providers we have stringent back-up procedures in place. For clients using the cloud, we keep a full general ledger and trial balance in our work papers so all client data is at least restorable annually and for many clients, quarterly.

Leave a Reply

Your email address will not be published. Required fields are marked *