SoFi is a new kind of finance company taking a radical approach to lending and wealth management. From unprecedented products and tools to faster service and open conversations, we’re all about helping our members get ahead and achieve success. Whether they’re looking to buy a home, save money on student loans, ascend in their careers, or invest in the future, the SoFi community works to empower our members to accomplish the goals they set and achieve financial greatness as a result.
This Privacy Policy is meant to help you understand how we and our affiliates collect, secure, use, and disclose your personal information in connection with our services. This Privacy Policy applies to personal information we collect from you and from third parties, both online and offline. If you are a current SoFi customer, you can also use our Privacy Notice as a guide to the ways we use your personal information, as well to understand your choices to limit our use and sharing of your information.
Your use of SoFi websites, or otherwise providing us with personal information, you agree to the terms and conditions of this privacy policy and any updates we make. Our Terms of Use take precedent over any provision conflicting with our privacy policy. This is our complete privacy policy, and supersedes all earlier versions.
This Privacy Policy is written to apply to Social Finance, Inc. and its affiliates including:
Changes to Our Privacy Policy
We update our Privacy Policy regularly—this version is effective as of the date indicated above. We will notify you of material changes to the Privacy Policy by email as well as a notice on our website.
1.1.1. Personal Information
We collect personal information from you to help you use our services. When we say “personal information,” we mean information that specifically identifies you.
We collect this information in a number of ways. You are asked to provide personal information to us while submitting loan applications, registering to use our Website, discussing your application or product with us, providing feedback to us, or transferring funds when using our services. Examples of personal information include:
We may supplement the personal information you submit to us with information from third-party sources. For example, in an effort to protect the integrity of your account and if permitted under applicable law, we may supplement your registration information with address standardization data to verify the address you have entered is valid and to protect you against identity theft.
Finally, we never intend to collect personal information from children under 13 years of age. If we learn or are notified that we have collected this information from a child under the age of 13, we will promptly remove the data from our system.
1.2.1 Aggregate Information
Aggregate information, which is data we collect about your use of our or third-party websites or services, from which personal information has been removed. Aggregate data is used to help us understand consumer trends, needs, interests, and preferences so we can improve our products and services.
SoFi also collects demographic information, which is anonymous, and may include:
In the case of employee-sponsored plans, where we partner with employers to offer our products to their employees, we will collect information from both the employer and employees. This includes, but is not limited to, employer name, plan participant names, length of employment, annual income, addresses, dates of birth, email addresses and other relevant information needed to verify the identity and employment of plan participants.
1.2.2. Consumer Reports
As a company engaged in lending, SoFi both receives and transmits data to consumer reporting agencies. We partner with these agencies to assess your creditworthiness and to prevent fraud and identity theft. This is done as part of our regular underwriting, fraud prevention and loan servicing processes.
Information we collect in these reports includes, but is not limited to:
Correcting information maintained by the credit bureaus
Information related to your creditworthiness is maintained by the credit bureaus. If you find that there is an error or you want to dispute the information found in your credit report, please contact the credit reporting bureaus.
| Experian | Transunion | Equifax |
|---|---|---|
| https://www.experian.com/ | https://dispute.transunion.com/ | https://www.ai.equifax.com/ |
SoFi also collects information about your computer or mobile device to improve and evaluate your use of our website and our services. We may gather data such as your browser type, operating system, loading or exiting of web pages, and the Internet Protocol (IP) address of your computer or device.
Please note that any information, photos, contact information, email addresses, videos, and other content you post to your profile on SoFi’s Community site is available to everyone using that service. The information you share is available to everyone accessing that service, and may be read, collected or used by others for any purpose, including sending you unsolicited messages.
1.2.4. Information We Get from Others
Like other advertisers, we contract with third parties to place advertisements for our products and services on websites that are not our own. We place these ads where we think they are likely to be most relevant. These advertisements on third-party websites allow us to track responses to our ads. We and our affiliates use this information to track the performance of our advertising and marketing campaigns by using tools like cookies, web beacons and similar technologies. We use these tools to collect and store information about your visits, page visits and duration, and the specific ad or link that the user clicked on to visit the site.
1.2.5 Cookies
SoFi uses “cookies” and similar tools to track your use of the Website when you use our services. We collect information such as the types of service used, and number of users we receive daily. Our web servers automatically log information about your computer, but we don’t use this information to identify you personally.
We and our vendors use cookies and to improve our service, our site and to provide more convenient and relevant experiences to you. Cookies are designed to transfer a small amount of data to your browser by servers within a domain. That data is only read by designated servers within that domain. It functions as your computer’s identification card and enables SoFi to improve your experience by securely maintaining your authenticated session and preferences.
A web beacon embeds a small transparent gif image in a web page or email used to track when the page or email has been viewed. A similar device may be used where a product, service or functionality sends data to a server when a set of user-initiated events occur such as clicking a button on the website or in an email. This is similar to a cookie – it tracks your visit and the data is only read by the server that receives the data. However, it differs because it is not browser-based, may not function as an ID card and doesn’t store any data on your computer.
Most Internet browsers are set up to accept cookies automatically. You can set your browser to notify you when you receive a cookie, allowing you to decide whether or not to accept it. For some web pages requiring an authorization, cookies are not optional. Users choosing not to accept cookies or similar devices will probably not be able to access those pages or their products and services.
1.2.6 Contacting us by Telephone
If you communicate with us by telephone, we may monitor or record the call. This is done for reasons such as maintaining the integrity of your account, providing effective and timely service, and the improvement of SoFi’s products.
Here are some examples of ways in which we use your personal information:
Sharing your personal information
We don’t sell or rent your personal information to anyone. SoFi only shares your personal information with unaffiliated third parties as permitted or required by law. We may share your personal information with our affiliate companies and as part of joint marketing campaigns with other financial companies. When SoFi shares your personal information with vendors and service providers who perform functions on our behalf, we require the security and confidentiality of your information, as well as limiting their use of the information to reasonably and necessarily to carry out their work with us and comply with applicable laws and regulations. Third parties we share your information with may include, but are not limited to:
Please note that, if you are a current borrower, you may not control certain information associated with your loan, that you have already agreed to provide to certain investors as described in your loan agreement.
Finally, personal information may be disclosed or transferred as part of, or during negotiations of, a merger, consolidation, sale of our assets, as well as equity financing, acquisition, strategic alliance or in any other situation where personal information may be transferred as one of the business assets of SoFi.
3.1. What we do to protect your personal information
SoFi takes the privacy and security of its members personal information seriously. We maintain administrative, technical and physical safeguards designed to protect your information’s security, confidentiality and integrity.
We protect personal information you provide online in connection with registering yourself as a user of our website. Access to your own personal information is available through a unique user ID and password selected by you. This password is encrypted while transmitted from your browser to our servers and while stored on our systems. To protect the security of your personal information, never share your password to anyone. Please notify us immediately if you believe your password has been compromised.
Whenever we save your personal information, it’s stored on servers and in facilities that only selected SoFi personnel and our contractors have access to. We encrypt all data that you submit through SoFi’s website during transmission using Transport Layer Security (TLS) in order to prevent unauthorized parties from viewing such information. Remember – all information you submit to us by email is not secure, so please do not send sensitive information in any email to SoFi. We never request that you submit sensitive or personal information over email, so please report any such requests to us by sending an email to [email protected].
3.2. Steps you can take to help us keep your information safe
There are many steps you can take to help us keep your information safe. First and foremost, choose complex, independent passwords for each website and service you maintain an account with. This helps keep any breach of any of your accounts isolated to one service. Also, don’t use anything related to your birthday, address, phone number, PIN number or any other easily guessable information in your password.
SoFi urges your caution when using public computers or networks, like at a coffee shop or library. To best protect your personal information and login information, don’t use such computers to access your sensitive accounts, and if you must, ensure that you logout of your account entirely.
When either you or we update information in your account, such as the status of a loan application, we typically send you notice of these changes via email or text message. In recent years, individuals, businesses and even governments have seen a rise in “phishing” attacks. Phishing occurs when someone attempts to obtain your password or other sensitive information. Scammers often do this by impersonating a trusted user, or offering a compelling reason to open a malicious email attachment, click on a link or give over information. We never ask for your sensitive personal information, such as password, over email or other unsecure methods or through any site not under the sofi.com domain. Please notify us at [email protected] if you ever receive suspicious correspondence from us.
We want you to be aware of the choices you have in limiting the sharing of your personal information. Please refer to the below table to review your options in sharing with us:
| Reasons we share your information | Does SoFi share? | Can you limit this sharing? |
|---|---|---|
| For our everyday business purposes—such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus | Yes | No |
| For our marketing purposes—to offer our products and services to you | Yes | No |
| For joint marketing with other financial companies | Yes | No |
| For our affiliates’ everyday business purposes—information about your transactions and experiences | Yes | No |
| For our affiliates’ everyday business purposes—information about your creditworthiness | Yes | Yes |
| For our affiliates to market to you | Yes | Yes |
| For non-affiliates to market to you | No | We don’t share |
Your Rights As a California Resident
Residents of the state of California have the right to request certain information from us with respect to the types of personal information we share with third parties for their direct marketing purposes, as well as the identities of the third parties we have shared such information with during the immediately preceding calendar year.
To limit our sharing once your sofi.com account has been created:
If you are a new customer, we can begin sharing your information 45 days from the date we sent you the privacy notice. When you are no longer our customer, we may continue to share your information as described in this policy. However, you can contact us at any time to limit our sharing and to restrict online marketing and direct mail.
You control the information you share in your profile on our community website. You understand that if you choose to share your information, your profile may be generally available on our website.
When you post information to our community website, you should also be aware that anything you post on our user forum can be used, read, or collected by other users of the online community services and could be used to send you unsolicited messages.
Our website contains links to other sites that may collect your personal information. For example, SoFi has relationships with various service providers whose services are available to you from our website, from other websites that are linked to our website, or in connection with our services. These partners offer services we think our customers may find useful or will improve our services. Those providers may require you to provide personal information to use their services. Personal information collected on other websites is not covered by this Privacy Policy. Unless stated otherwise, the policies of those partners will govern the collection, use, disclosure and security of your personal information.
We don’t respond to “do not track” signals or similar mechanisms – where a visitor to SoFi’s website requests that we disable the collection of information about the visitor’s online activities, including navigation around our website and the service. We may also permit third parties to collect aggregate usage information on our website, and they may also not respond to “do not track” signals.
Under the California Consumer Privacy Act, you have a right to request:
You may view a comprehensive list of the categories of information we’ve shared with corresponding categories of third parties within the last 12 months at https://www.sofi.com/privacy-policy/vendor-sharing/
We cannot discriminate against you in any way for exercising your rights under the California Consumer Privacy Act, including:
Please note, we collect and share your personal information in order to service you and the products you hold with us. If you apply for a loan or hold a product with us, we cannot support requests to delete your personal information due to business purpose. If you create an account with us, but do not apply for a loan or hold a product, we are happy to honor your deletion request.
We also do not sell your information. Therefore, no request to opt-out of sale is necessary.
You may submit a request using our self-service personal information request form, deletion request form, or by calling us at 1-855-456-SOFI (7634).
We want to provide you with the resources you need to keep your information with us correct and up-to-date. You can access and maintain your personal and personally identifiable information by logging into your account and going to “My Profile”. This section of the site is password-protected to safeguard your information. As a registered user, you can update your password, physical address, phone numbers, education and employment information at any time on the website. If you need to change any other information in your profile, please contact our customer service hotline at 1-855-456-SOFI (7634).
SoFi takes your privacy seriously, and maintains a process to respond to your concerns regarding violations of this Policy. If you believe that we haven’t complied with this policy in regards to your personal information or have questions regarding your privacy with us, please contact us at [email protected]. If you are reporting non-compliance with this Privacy Policy, please describe the issue in as much detail as possible without disclosing any sensitive information about you or third parties. We will respond to your request by email within 7-10 business days.