SoFi is a new kind of finance company taking a radical approach to lending and wealth management. From unprecedented products and tools to faster service and open conversations, we’re all about helping our members get ahead and achieve success. Whether they’re looking to buy a home, save money on student loans, ascend in their careers, or invest in the future, the SoFi community works to empower our members to accomplish the goals they set and achieve financial greatness as a result.
1.1.1. Personal Information
We collect personal information from you to help you use our services. When we say “personal information,” we mean information that specifically identifies you.
We collect this information in a number of ways. You are asked to provide personal information to us while submitting loan applications, registering to use our Website, discussing your application or product with us, providing feedback to us, or transferring funds when using our services. Examples of personal information include:
We may supplement the personal information you submit to us with information from third-party sources. For example, in an effort to protect the integrity of your account and if permitted under applicable law, we may supplement your registration information with address standardization data to verify the address you have entered is valid and to protect you against identity theft.
Finally, we never intend to collect personal information from children under 13 years of age. If we learn or are notified that we have collected this information from a child under the age of 13, we will promptly remove the data from our system.
1.2.1 Aggregate Information
Aggregate information, which is data we collect about your use of our or third-party websites or services, from which personal information has been removed. Aggregate data is used to help us understand consumer trends, needs, interests, and preferences so we can improve our products and services.
SoFi also collects demographic information, which is anonymous, and may include:
In the case of employee-sponsored plans, where we partner with employers to offer our products to their employees, we will collect information from both the employer and employees. This includes, but is not limited to, employer name, plan participant names, length of employment, annual income, addresses, dates of birth, email addresses and other relevant information needed to verify the identity and employment of plan participants.
1.2.2. Consumer Reports
As a company engaged in lending, SoFi both receives and transmits data to consumer reporting agencies. We partner with these agencies to assess your creditworthiness and to prevent fraud and identity theft. This is done as part of our regular underwriting, fraud prevention and loan servicing processes.
Information we collect in these reports includes, but is not limited to:
Correcting information maintained by the credit bureaus
Information related to your creditworthiness is maintained by the credit bureaus. If you find that there is an error or you want to dispute the information found in your credit report, please contact the credit reporting bureaus.
SoFi also collects information about your computer or mobile device to improve and evaluate your use of our website and our services. We may gather data such as your browser type, operating system, loading or exiting of web pages, and the Internet Protocol (IP) address of your computer or device.
Please note that any information, photos, contact information, email addresses, videos, and other content you post to your profile on SoFi’s Community site is available to everyone using that service. The information you share is available to everyone accessing that service, and may be read, collected or used by others for any purpose, including sending you unsolicited messages.
1.2.4. Information We Get from Others
Like other advertisers, we contract with third parties to place advertisements for our products and services on websites that are not our own. We place these ads where we think they are likely to be most relevant. These advertisements on third-party websites allow us to track responses to our ads. We and our affiliates use this information to track the performance of our advertising and marketing campaigns by using tools like cookies, web beacons and similar technologies. We use these tools to collect and store information about your visits, page visits and duration, and the specific ad or link that the user clicked on to visit the site.
SoFi uses “cookies” and similar tools to track your use of the Website when you use our services. We collect information such as the types of service used, and number of users we receive daily. Our web servers automatically log information about your computer, but we don’t use this information to identify you personally.
A web beacon embeds a small transparent gif image in a web page or email used to track when the page or email has been viewed. A similar device may be used where a product, service or functionality sends data to a server when a set of user-initiated events occur such as clicking a button on the website or in an email. This is similar to a cookie – it tracks your visit and the data is only read by the server that receives the data. However, it differs because it is not browser-based, may not function as an ID card and doesn’t store any data on your computer.
Most Internet browsers are set up to accept cookies automatically. You can set your browser to notify you when you receive a cookie, allowing you to decide whether or not to accept it. For some web pages requiring an authorization, cookies are not optional. Users choosing not to accept cookies or similar devices will probably not be able to access those pages or their products and services.
1.2.6 Contacting us by Telephone
If you communicate with us by telephone, we may monitor or record the call. This is done for reasons such as maintaining the integrity of your account, providing effective and timely service, and the improvement of SoFi’s products.
Here are some examples of ways in which we use your personal information:
Sharing your personal information
SoFi only shares your personal information with unaffiliated third parties as permitted or required by law. We may share your personal information with our affiliate companies and as part of joint marketing campaigns with other financial companies. When SoFi shares your personal information with vendors and service providers who perform functions on our behalf, we require the security and confidentiality of your information, as well as limiting their use of the information to reasonably and necessarily to carry out their work with us and comply with applicable laws and regulations. Third parties we share your information with may include, but are not limited to:
Please note that, if you are a current borrower, you may not control certain information associated with your loan, that you have already agreed to provide to certain investors as described in your loan agreement.
Finally, personal information may be disclosed or transferred as part of, or during negotiations of, a merger, consolidation, sale of our assets, as well as equity financing, acquisition, strategic alliance or in any other situation where personal information may be transferred as one of the business assets of SoFi.
Personal Information that we have collected may be aggregated or de-identified in a manner that no longer identifies you personally. We may share this aggregated or de-identified information with third parties for various business purposes, where permitted by applicable law.
3.1. What we do to protect your personal information
SoFi takes the privacy and security of its members personal information seriously. We maintain administrative, technical and physical safeguards designed to protect your information’s security, confidentiality and integrity.
We protect personal information you provide online in connection with registering yourself as a user of our website. Access to your own personal information is available through a unique user ID and password selected by you. This password is encrypted while transmitted from your browser to our servers and while stored on our systems. To protect the security of your personal information, never share your password to anyone. Please notify us immediately if you believe your password has been compromised.
Whenever we save your personal information, it’s stored on servers and in facilities that only selected SoFi personnel and our contractors have access to. We encrypt all data that you submit through SoFi’s website during transmission using Transport Layer Security (TLS) in order to prevent unauthorized parties from viewing such information. Remember – all information you submit to us by email is not secure, so please do not send sensitive information in any email to SoFi. We never request that you submit sensitive or personal information over email, so please report any such requests to us by sending an email to [email protected].
3.2. Steps you can take to help us keep your information safe
There are many steps you can take to help us keep your information safe. First and foremost, choose complex, independent passwords for each website and service you maintain an account with. This helps keep any breach of any of your accounts isolated to one service. Also, don’t use anything related to your birthday, address, phone number, PIN number or any other easily guessable information in your password.
SoFi urges your caution when using public computers or networks, like at a coffee shop or library. To best protect your personal information and login information, don’t use such computers to access your sensitive accounts, and if you must, ensure that you logout of your account entirely.
When either you or we update information in your account, such as the status of a loan application, we typically send you notice of these changes via email or text message. In recent years, individuals, businesses and even governments have seen a rise in “phishing” attacks. Phishing occurs when someone attempts to obtain your password or other sensitive information. Scammers often do this by impersonating a trusted user, or offering a compelling reason to open a malicious email attachment, click on a link or give over information. We never ask for your sensitive personal information, such as password, over email or other unsecure methods or through any site not under the sofi.com domain. Please notify us at [email protected] if you ever receive suspicious correspondence from us.
We want you to be aware of the choices you have in limiting the sharing of your personal information. Please refer to the below table to review your options in sharing with us:
|Reasons we share your information||Does SoFi share?||Can you limit this sharing?|
|For our everyday business purposes—such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus||Yes||No|
|For our marketing purposes—to offer our products and services to you||Yes||No|
|For joint marketing with other financial companies||Yes||No|
|For our affiliates’ everyday business purposes—information about your transactions and experiences||Yes||No|
|For our affiliates’ everyday business purposes—information about your creditworthiness||Yes||Yes|
|For our affiliates to market to you||Yes||Yes|
|For non-affiliates to market to you||Yes||Yes|
We want to provide you with the resources you need to keep your information with us correct and up-to-date. You can access and maintain your personal and personally identifiable information by logging into your account and going to “My Profile”. This section of the site is password-protected to safeguard your information. As a registered user, you can update your password, physical address, phone numbers, education and employment information at any time on the website. If you need to change any other information in your profile, please contact our customer service hotline at 1-855-456-SOFI (7634).
We don’t respond to “do not track” signals or similar mechanisms – where a visitor to SoFi’s website requests that we disable the collection of information about the visitor’s online activities, including navigation around our website and the service. We may also permit third parties to collect aggregate usage information on our website, and they may also not respond to “do not track” signals.