Here at XING we give our members the tools they need to retain full control over their own data. This means:

• You specify for each XING member, irrespective of whether or not they are a contact, which of your contact data they can see and whether the member can send you messages.
• You can determine whether your profile is visible outside of the platform and whether it can be found by search engines like Google. As a result, you get to decide where you want to publish your XING profile as a digital business card.
• A preview function enables you to simulate how non-contacts see your profile. This helps you to decide whether you're happy with your online presence.
• You get to decide what and how much you write about yourself in your profile. XING as a business network does not request highly private information, with your name, sex, country/region and professional status (poss. company name and position) being the only required fields.

Find out more in the What you can do section!

Here at XING we work closely with security researchers in order to act in a responsible way. XING is willing to address reported vulnerabilitiesquickly, which, depending on the complexity of the fix, generally means within one or two release cycles. We intend to patch the vulnerability before details become publicly available as it ensures safety for our end users. Please get in touch with us by sending an email to security-reports [at] xing [dot] com and we will get back to you as soon as possible.

Do you have any questions, requests or comments? If so, please feel free to contact us via the contact form!

Press enquiries should be addressed to the press team.

We do everything in our power to make sure your data is secure, both on a personal and technical level.

XING AG is a German company with both its headquarters and data centers located in Germany. As a result, XING is subject to the strict data protection regulations in force in Germany whose overriding principle is "Verbot mit Erlaubnisvorbehalt" (prohibition pending approval) and/or the respective EU regulations.

If XING commissions other companies to process data¹, it will always require said companies to process such data within the EU.

This stipulates that data may not be collected, processed or utilized without the express permission of the user or without prior legal permission, which is why we obtain express consent from users before processing any of their data (registration privacy policy). This is also the reason why we obtain separate consent e.g. for the OpenSocial applications (see below) from users.

Providers based e.g. in the US are not subject to these strict standards.

Our platform also incorporates a number of security measures to prevent a wide range of typical risks, including:

• so-called intrusion detection, which we use to track potential attacks and suspicious activity on our platform.
• scanning of the entire platform where members post text - e.g., in groups, events, search results, and profile information - in order to stop malicious code known as cross-site scripting from penetrating the platform.
• a number of monitoring tools which continually analyze activity on the platform while checking user entries for plausibility. Our Customer Care Team is immediately notified if certain strings are used (e.g. "asdf" in all input fields during registration) or if various members appear to log in to one computer. This may even lead to users being automatically blocked temporarily due to suspicious activity.

_{(1) XING AG commissions kununu GmbH to process, e.g. data on its behalf. To this end, kununu uses IT systems that are not located in the Federal Republic of Germany, but within the European Union. XING AG has taken the necessary steps to ensure that German data security standards are upheld.}