SoFi revised its cookie and tracking technology disclosure on June 12, 2026. The previous terms stated that SoFi uses pixels and tracking technologies to collect information and shares this data with social media, advertising, and analytics partners, with a default opt-in unless users decline. The updated terms now present a detailed Privacy Preference Center that explains how cookies function, establishes functional cookies as requiring explicit permission, describes the specific purposes of data collection, and allows users to manage cookie categories individually rather than accepting all tracking by default.
The updated terms establish a Privacy Preference Center that provides granular cookie controls rather than requiring blanket acceptance of all tracking technologies. Previously, SoFi stated that users who did not make a selection agreed to all tracking uses; the revised terms now require users to affirmatively allow functional cookies and other tracking categories. The updated language explicitly describes that functional cookies enable enhanced site functionality and personalization, and that blocking certain cookies may impact site experience. You can now toggle cookie categories on or off individually rather than accepting or declining all tracking as a single choice.
The updated terms establish a privacy control mechanism that operationally requires affirmative user choice for non-essential tracking rather than deploying tracking technology by default unless users actively opt out. This shift aligns SoFi's consent model with GDPR requirements for valid consent and reflects regulatory emphasis on transparent, granular user control over data collection practices. The change affects how SoFi collects and shares user data with advertising and analytics partners, since those data flows now depend on users affirmatively selecting corresponding cookie categories.
→ Review the Privacy Preference Center when visiting SoFi.com to select which cookie categories to allow
→ Toggle off any optional cookie categories (e.g. advertising, analytics) if you do not wish to enable those tracking mechanisms
→ Users who do not interact with the Privacy Preference Center will only have essential/strictly necessary cookies deployed
→ Without affirmative selection of functional cookies, some site personalization and enhanced features may not be available
ConductAtlas has recorded 7 material changes to this document over 41 days of monitoring (since May 2026). An additional minor or cosmetic changes were excluded.
Across all monitored documents, SoFi has made 14 significant changes.
9 of SoFi's significant changes have been classified as negative for consumers.
Establishes explicit user consent requirement for functional cookies rather than default enrollment
Eliminates prior language that treated user inaction as acceptance of all tracking technologies
This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology
Instead of automatic enrollment in all tracking, you now choose which types of cookies to allow
The policy now explains what functional cookies do and that they require your choice to be active
+ 1 more obligation changes. Full breakdown available with Monitor.
Track changes →SoFi replaced a broad, pre-checked consent model with a granular, category-based preference system on June 12, 2026. The change moves from implied consent (opt-out) to explicit consent (opt-in) for non-essential cookies, which aligns with GDPR Article 7 requirements for valid consent and CCPA transparency obligations. This shift likely reflects regulatory pressure to provide users with meaningful choice over data collection. Organizations relying on SoFi for financial services should evaluate whether their own privacy notices and consent flows accurately describe how SoFi's updated tracking practices affect downstream data handling, particularly where SoFi collects and shares data with third parties.
GDPR (Articles 4, 7, 13 regarding consent, transparency, and lawful basis); CCPA Section 1798.100 (consumer right to know); ePrivacy Directive 2002/58/EC (cookie consent requirements); California Consumer Privacy Act amendments (CPRA) effective 2023
Full compliance analysis
Obligation analysis, escalation trigger, board language, and recommended action.
Monitor: regulatory citations + obligations. Compliance: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-002903.
See the full side-by-side comparison of every sentence added, removed, and modified.
🔒 Full diff — MonitorSoFi added navigation elements to the top of its Terms of Service page on June 11, 2026. The updated version …
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them t…
ConductAtlas tracked the restructuring, new disclosures, and entity changes that followed the largest privacy fine in EU history.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do…
Get alerted when this policy changes again — including what changed and why it matters.
Prefer a weekly summary instead?
Get the biggest policy changes across 320+ platforms every Sunday.