Built around your client confidentiality

When you upload a Moneysoft CSV, the file is parsed entirely inside your browser using JavaScript. The raw CSV, employee names, NI numbers, gross pay, tax and every other figure stay on your device. They are never uploaded to or stored on our servers, and they are not written to any database, log file or analytics pipeline.

Because no payroll data is transmitted to or persisted by MS Payroll Bridge, the service operates with a zero-data footprint. From a GDPR perspective this dramatically reduces the personal data we process on behalf of your firm — there is no copy of your client's payroll for us to breach, sub-process, retain or be compelled to disclose. The only personal data we hold is the account information you provide when signing in (email address) so we can authenticate you.

Today, MS Payroll Bridge generates an optimised, Xero-compatible CSV journal that you import into Xero manually. The CSV is built entirely in your browser and downloaded straight to your machine — it is not uploaded to, processed by, or stored on our servers at any point. Even without a direct API connection, this is typically around 10× faster than keying the journal in by hand, and it keeps your client data on your device.

We are currently working on a direct Xero API integration to allow one-click posting of the journal straight from MS Payroll Bridge into your Xero organisation. When it ships, transit will use HTTPS / TLS 1.2+ via Xero's official API and journals will only be sent on your explicit confirmation. Stay tuned!

Our codebase is internally audited to ensure GDPR compliance. We have implemented automated code-level restrictions (ESLint guards) that prevent any PII (Personally Identifiable Information) from being transmitted to our servers. Only anonymized usage counters are stored, ensuring your firm's data integrity is never compromised.