As you browse through this website to view, print, and download forms, publications, and general information, no personal identifying information will be revealed or recorded about you. We will only collect and maintain the following information about your visit:
Server Logs/Log Analysis Tools
SURS uses server logs and log analysis tools to create summary statistics about the use of the website. The summary statistics are used to assess what information is of most interest to users, determine technical design specifications, and identify system performance or problem areas. The following information is collected for this analysis:
User/client hostname: The hostname (or IP address, if DNS is disabled) of the user/client requesting access.
- HTTP header, “user-agent”: The user-agent information includes the type of browser used, the browser version, and the operating system it is running on.
- HTTP header, “referrer”: The referrer specifies the page from which the user/client accessed the current page.
- System date: The date and time of the user/client request.
- Full request: The exact request the user/client made.
- Status: The status code the server returned to the user/client.
- Content length: The content length, in bytes, of the document sent to the user/client.
- Method: The request method used.
- Universal Resource Identifier (URI): The location of a resource on the server.
- Query string of the URI: Anything after the question mark in a URI.
- Protocol: The transport protocol and version used.
For site security purposes and to ensure that the site remains available to all users, SURS uses software to monitor network traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage. Except for authorized law enforcement investigations, no other attempts are made to identify individual users or their usage habits. Raw data logs are used for no other purposes.
Accessing Member Account Information
As a service, SURS provides its members with online access to their own member account information. SURS requires user IDs and passwords, and uses data encryption and third-party verification to protect member account information. In order to access member account information through our website, members need to provide their user IDs and passwords. Accessing member account information online is voluntary. If members choose not to utilize SURS online member account information service, members will still be able to use all other features of SURS’ website.
If a member believes that personal information that they provided to SURS contains inaccuracies or needs to be updated, they should contact SURS at 800-275-7877 to provide updated information.
Email communications to and from SURS are not protected by these security measures. Email communications to and from SURS are protected by less-stringent security measures as is member account information.
When a member sends an email from surs.org to get in touch with SURS, the information SURS receives depends on the information the member reveals to SURS in its message. Depending on the content of the member’s email, the information submitted may be used by SURS staff to respond appropriately, by either responding to the member, addressing issues the member identifies, making suggested improvements to SURS’ website, or forwarding the member’s email to another agency for appropriate action. SURS is not responsible for unauthorized access by third parties to personal information revealed in a member’s email messages.
Using Web Links
Social Security Numbers
SURS uses its own Member Identification numbers for the majority of its member communications to help protect members’ identities. However, SURS is required to collect Social Security Numbers (SSNs) for federal tax-reporting purposes associated with payment of benefits and refunds. SURS understands members’ concerns related to identity theft and has policies and procedures that comply with Illinois and federal law in place to protect the confidentiality of members’ Social Security numbers.
SURS will not:
- Sell, lease, trade or rent SSNs to a third party for any purpose;
- Publicly post or display SSNs;
- Print SSNs on any card required for SURS members to access SURS services;
- Require anyone to transmit SSNs over the Internet, unless the connection is secure or the SSN is encrypted;
- Print SSNs on any materials mailed, unless state or federal law requires that the SSN be on the documents mailed, or unless SURS is confirming the accuracy of the SSN;
- Collect, use or disclose SSNs unless required by state or federal law or for the performance of the duties and responsibilities of SURS;
- Require a member to use his or her SSN to access the SURS website; or
- Use the SSN for any purpose other than the purpose for which it was collected.
- Disclose SSNs if required by a court order, warrant or subpoena;
- Disclose SSNs to reciprocal retirement systems or other government agencies to perform SURS duties and responsibilities with regard to the SURS member;
- Collect, use or disclose SSNs to verify the SSN for SURS internal processes;
- Disclose SSNs as required by law; or
- Collect SSNs to locate an inactive or dormant member to pay a benefit from SURS.
Accuracy of Data
SURS makes every effort to provide members with the most current and accurate information. Members’ account information is subject to change because of an audit or because of new or different data provided by the member or employer.
It is SURS’ policy to comply with all applicable federal and state laws, rules and regulations. If there is a conflict between information contained on this website and the applicable law, rule, or regulation, the law, rule, or regulation will prevail.
Surs.org is the official site of the State Universities Retirement System of Illinois. Unauthorized attempts to upload information or change information on the website, or to tamper with or modify the system, including supporting hardware or software, are strictly prohibited and may be subject to criminal prosecution under the Computer Fraud and Abuse Act and the Illinois Criminal Computer Fraud law, 720 ILCS 5/17-50 through -55.
No one under the age of 13, is authorized to provide SURS with personally identifying information. Collection of information volunteered by children online or by email will be treated the same as information given by an adult.