Your security
We're responsible for safeguarding your data. We use a host of sophisticated technologies in combination with comprehensive safeguards to ensure we fulfil this commitment.
We're responsible for safeguarding your data. We use a host of sophisticated technologies in combination with comprehensive safeguards to ensure we fulfil this commitment.
Two-factor authentication is an extra security layer on top of your password you can use when logging in to XING. Each time you log in with your password, you’ll then receive a one-off access code via SMS or by using an authentication app (e.g. Google Authenticator). Activate two-factor authentication
The NEW WORK Security team reviews our software on an ongoing basis and advises the company on all security-related matters. We also have reputable external experts perform regular audits. These in-depth inspections include all of our products, applications and internal systems.
Our "Information Security Management System" is VdS 10000 certified.
Our IT systems have been checked according to the "Payment Card Industry Data Security Standard" (PCI DSS).
For many years now, the XING Security team has been a permanent member of the expert panel for cyber security, an alliance put in place by the German Federal Office for Information Security (BSI). Its aim is to exchange the latest cyber security news and views. The expert panel also identifies key measures to safeguard against cyber-attacks which the BSI then publishes on behalf of the cyber security alliance, thus making them available to German industry.
XING is an official "OWASP German Chapter Supporter". The Open Web Application Security Project (OWASP) is a global non-profit organisation dedicated to improving the security of software applications. We support projects such as Juice Shop (application for security training) and DefectDojo (vulnerability management).
Security experts continuously examine all online services for potential vulnerabilities. The XING Security team acts as a direct point of contact for any possible findings. Should any XING services ever be affected, the reports will be carefully reviewed and the causes rectified immediately.
We teamed up with specialist partners such as the Schleswig-Holstein Independent Centre for Privacy Protection (ULD) and the Universities of Bonn and Duisburg-Essen to conduct research into "Online Identity Theft". The "Effective Information after a Digital Identity Theft" (EIDI) project, funded by the German Federal Ministry for Education and Research, was primarily aimed at developing an effective warning system that informs people possibly affected by identity theft in a fast and comprehensive way.
The XING Security Team is an accredited member of the Task Force Computer Security Incident Response Team (TF-CSIRT). This alliance is aimed primarily at sharing information about current threats and effective countermeasures with other security teams based at universities, governmental organisations, and other large companies.
Next:
Who to contactSmall files that enable us to store specific information related to you, the user, on your end device. You can edit the settings of your browser to prevent cookies from being saved.
A country outside of the European Union.
The Regulation (EU) 2016/679 of the European Parliament and the Council dated 27 April 2016 on the protection of individuals with regard to the processing of personal data, on the free movement of such data, and on the repeal of the EU Data Protection Directive 95/46/EC.
Newsletters or status e-mails and advertising for XING’s own similar products and services, or surveys for the purpose of XING’s own market research.
Pursuant to Article 4 (1) of the EU General Data Protection Regulation (GDPR), any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Pixel: An image file or link to an image file that is added to the website code but not sent to your end device (e.g. PC, smartphone). Pixels are usually used in conjunction with cookies.
The page on the XING Websites where the personal data made available by the user is displayed in the social network.
Pursuant to Article 4 (4) of the EU General Data Protection Regulation (GDPR), any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or move-ments.
The contact and communication forums belonging to the applications of the service XING.
The service XING and the applications belonging to the service XING (XING, kununu, onlyfy. etc.).
All websites, subdomains, aliases, mobile applications, background applications, web services and embedding in third-party websites where the service XING is available.