SoFi revised its cookie and tracking technology disclosure on May 7, 2026. The previous language stated that SoFi uses pixels and tracking technologies to collect information and shares this data with social media, advertising, and analytics partners, with no opt-out available unless users made a selection. The updated language introduces a Privacy Preference Center that explains how cookies work, what types are used, and provides granular opt-out controls for non-essential cookies, while also describing which cookies are necessary for site function.
The updated terms establish a Privacy Preference Center that allows users to decline non-essential cookies and tracking technologies. Previously, the policy stated that users must agree to tracking if they did not make a selection. The revised language clarifies that strictly necessary cookies cannot be disabled because they enable core site functionality, but functional and marketing-related cookies can be toggled off. You can access the Privacy Preference Center to review and adjust cookie settings by category.
The updated privacy notice shifts from a default-consent model to an explicit opt-out framework for non-essential tracking. Users now have granular control over which cookie categories are enabled, and SoFi no longer relies on inaction to establish agreement to tracking. This change reduces regulatory exposure under GDPR, CCPA, and similar consent-based privacy frameworks, and clarifies which cookies are functionally necessary versus discretionary.
→ Access the Privacy Preference Center when visiting SoFi's website to review available cookie categories (Functional Cookies, Marketing, Analytics)
→ Toggle off non-essential cookie categories using the buttons provided, or click 'Decline all optional' to disable all cookies except Strictly Necessary
→ Review the 'more information' section in the Privacy Preference Center to understand the specific purposes of each cookie category
→ If you do not adjust cookie settings, the default configuration will apply, which includes Functional Cookies and may include Marketing or Analytics cookies depending on SoFi's default state
→ Some site features may not function properly if you disable Functional Cookies, as stated in the updated policy: 'blocking some types of cookies may impact your experience of the site and the services we are able to offer'
→ Your browsing activity and preferences will be collected and shared with third-party partners (social media, advertising, analytics) unless you specifically opt out through the Privacy Preference Center
This is the 2nd significant Consent Expansion change SoFi has made since ConductAtlas began monitoring.
ConductAtlas has recorded 4 material changes to this document (since April 2026). An additional minor or cosmetic changes were excluded.
Across all monitored documents, SoFi has made 5 significant changes.
3 of SoFi's significant changes have been classified as negative for consumers.
Users can now opt out of non-essential cookies (functional, marketing, analytics) through a preference menu, replacing prior default-consent model.
Cookies required for core site functionality (login, session management, redirect on logout) cannot be disabled, and this exemption is now explicitly stated.
The statement 'If you do not make a selection, you agree to our use of these technologies' was removed, eliminating reliance on negative consent.
This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology
You now have the ability to disable tracking cookies for specific purposes (marketing, functional) through a preference menu, rather than having tracking enabled by default unless you proactively opt out.
SoFi updated its tracking technology disclosure to include explicit opt-out mechanisms for non-essential cookies through a Privacy Preference Center. The change narrows the categories of cookies subject to opt-out (distinguishing strictly necessary from functional and marketing-related), clarifies that some cookies cannot be disabled, and provides per-category granularity. This aligns with consent-based frameworks under GDPR and similar privacy regimes that require affirmative opt-in or clear opt-out pathways for non-essential tracking. The change reduces regulatory risk related to mandatory tracking consent and strengthens the transparency posture of the privacy notice.
GDPR (Articles 7, 13), CCPA, CPRA, ePrivacy Directive, state privacy laws (California Consumer Privacy Act, Virginia CDPA, Colorado CPA)
Full compliance analysis
Obligation analysis, escalation trigger, board language, and recommended action.
Watcher: regulatory citations + obligations. Professional: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-001789.
See the full side-by-side comparison of every sentence added, removed, and modified.
🔒 Full diff — WatcherSoFi updated its Privacy Notice on May 6, 2026 to reorganize and clarify how it collects and shares tracking data. …
SoFi updated its Terms of Service on May 5, 2026, making primarily formatting and navigation changes to the document structure. …
SoFi updated its Privacy Notice on May 5, 2026 with primarily formatting and navigation changes to the publicly visible document …
Get alerted when this policy changes again — including what changed and why it matters.
Prefer a weekly summary instead?
Get the biggest policy changes across 320+ platforms every Sunday.