Before You Call: Answers to Frequently Asked Questions

SURS State Universities Retirement System
Member Login

Privacy Policy

SURS operates a public-facing website at www.surs.org. This website also features a secure Member’s Portal for the use and benefit of its members. SURS respects all individuals’ rights to privacy and is committed to protecting individuals’ privacy though its compliance with this Policy.

This Policy describes the types of information SURS may collect from Website Users or that Website Users may provide to SURS, and SURS’ practices for collecting, using, maintaining, protecting and disclosing that information when users visit the Website or access or use any content, functionality and/or services offered on or through the Website or through SURS’ Member Portal accessed through the Website. This Policy applies to information SURS collects on the Website, in email, text or other electronic messages between users and the Website, and any other sites that include links to this Policy. It does not apply to information collected by SURS offline or through any other means, including on any other website operated by SURS or any third party, including SURS’ affiliates or partners, including through any application or content (including advertising) that may link to or be accessible from or on the Website.

Children Under the Age of 18

SURS’ Website, www.surs.org, is not intended for children under 18 years of age. A child under the age of 18 must not use or provide any information on the Website without legitimate business or legal need.

Information SURS Collects about Website Users and How it is Collected

Information Website Users Provide SURS – The information SURS collects on or through its website may include the following:

  • Information that users provide by filling in forms on the Website. This includes information provided at the time of registering to use the Website, subscribing to SURS service, posting or providing material or requesting further services;
  • Records and copies of user correspondence (including email addresses) if the user contacts SURS;
  • Details of transactions or interaction carried out through SURS’ Website and of the fulfillment of user’s inquiries or requests; and,
  • User search queries and activities on the Website.

Information SURS Collects Through Automatic Data Collection Technologies

As a user navigates through and interacts with the Website, SURS may use automatic data collection technologies to collect certain information about the user’s equipment, browsing actions, and patterns, including:

  • Details of user visits to the Website, including traffic data, location data, logs, and other communication data and the resources that users access and use on the Website; and
  • Information about the user’s computer and internet connection, including their IP address, operating system, and browser type.

The information SURS collects automatically may include personal information, or SURS may maintain it or associate it with personal information SURS collects in other ways or receives from third parties, which helps SURS to improve its website and to deliver a better and more personalized service, including by enabling SURS to:

  • Estimate its audience size and usage patterns;
  • Store information about user preferences, allowing SURS to customize its website according to a user’s individual interests;
  • Speed up its searches; and
  • Recognize an individual user when they return to the Website.

The technologies SURS uses for this automatic data collection may include the following:

  • Cookies (or Browser Cookies) – A cookie is a small file placed on the hard drive of the user’s computer. The user may refuse to accept browser cookies by activating the appropriate setting on their browser. However, if the user selects this setting they may be unable to access certain parts of the Website. Unless the user has adjusted their browser setting so that it will refuse cookies, SURS’ system will issue cookies when the user directs their browser to the Website.
  • Google Analytics – SURS also uses Google Analytics as a tool for tracking and analyzing its web traffic. Google Analytics runs on SURS’ server and uses a combination of first-party cookies and Javascript code to compile information that is synthesized into reports about page visits, referring sites, user habits, and the like. Google is not provided access to any user information other than IP addresses. Google has created an “Opt-out Browser Add-on” for users who wish to use websites while preventing their data from being accessed or used by Google Analytics. If a user wants to opt out of the features on the Website that rely on Google Analytics, the user should follow the directions provided by Google.

SURS uses the information that it collects about users or that users provide to SURS, including any personal information as follows:

  • To present the Website and its contents to users;
  • To provide users with information, products, or services that they request from SURS;
  • To fulfill any other purpose for which the user provides it;
  • To provide the user with notices about their account;
  • To carry out SURS’ obligations and enforce SURS’ rights arising from any contracts entered into between the user and SURS, including processing the user’s request or application;
  • To notify the user about changes to the Website or any products or services SURS offers or provides through it;
  • To allow the user to participate in interactive features on the Website;
  • In any other way SURS may describe when a user provides the information;
  • For any other purpose with the user’s consent; and
  • To contact a user about SURS’ and third parties’ services that may be of interest to the user

    Disclosure of User Information

    SURS may disclose aggregated information about its website users without restriction.

    SURS may disclose personal information that it collects or that a user provides as described in this Policy to any of the following:

    • To its recordkeepers who require disclosure;
    • To contractors, service providers, and other third parties SURS uses to support its business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which SURS discloses it to them;
    • To third parties to market their products or services to users if they have not opted out of these disclosures. SURS contractually requires these third parties to keep personal information confidential and use it only for the purposes for which SURS discloses it to them;
    • To fulfill the purpose for which a user provides it. For example, when using the Website, a user may contact SURS to request information about SURS or its products and services. Members or other users of the Website may also be able to sign up for seminars, request specific information about programs or register or apply for various programs or services. In choosing these options, a user may provide SURS with information that SURS uses to send them the information, evaluate and process their request or application or provide them with the services they request;

    For any other purpose disclosed by SURS when a user provides the information;

    • With the user’s consent;

    • For other proper purposes and to disclose to third parties information that does not constitute personally identifiable information.

    • To the State of Illinois and its agencies when required by law.

    SURS may also disclose a user’s personal information as follows:

    • To comply with any court order, law or legal process, including to respond to any government or regulatory request, or to comply with public access and open access laws;
    • To enforce or apply SURS’ Terms of Use and other agreements; or
    • If SURS believes disclosure is necessary or appropriate to protect the rights, property, or safety of SURS, its customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

    Choice About How SURS Uses and Discloses User Information

    SURS strives to provide users with choices regarding the personal information they provide to it. SURS has created mechanisms to provide users with the following control over their information:

    • Tracking Technologies and Advertising – Users can set their browsers to refuse all or some browser cookies, or to alert them when cookies are being sent. Users should consult their browser’s documentation to learn how to do this. Note that certain portions of the Website may not operate as intended if the user refuses certain cookies;
    • Promotional Offers from SURS – If a user does not wish to have their email address/contact information used by SURS to promote its products or services, they can opt-out by using the UNSUBSCRIBE feature in the email they receive from SURS, which will remove them from future email distributions. This opt out does not apply to information provided to SURS as a result of a transaction, or activity on the Website.

    SURS does not control third parties’ collection or use of users’ information to serve interest-based advertising. However, these third parties may provide the user with ways to choose not to have their information collected or used in this way.

    Security

    SURS has implemented measures designed to secure users’ personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. SURS also uses Secure Sockets Layer (SSL) protocol to protect information when routed between a user’s browser and SURS’ Website. The safety and security of user information also depends on the user. Where SURS has given the user (or where the user has chosen) a password for access to certain parts of the Website, the user is responsible for keeping this password confidential. SURS asks the user not to share their password with anyone.

    The transmission of information via the internet is not completely secure. While SURS has industry standard security controls in place, SURS cannot and does not guarantee the security of a user’s personal information transmitted to the Website. Any transmission of personal information is at the user’s own risk. SURS is not responsible for circumvention of any privacy settings or security measures contained on the Website.

    Updating Information

    Users  who have registered accounts on the Member Portal may review and change their personal information by logging into the Member Portal and visiting their account details, or by contacting SURS.

    Changes to SURS Website Privacy Policy

    It is SURS’ practice to post any changes it makes to this Privacy Policy on the Website’s home page. If SURS makes material changes to how it treats users’ personal information, it will notify users by email addressed to the primary email address specified in the user’s account and through a notice on the Website home page. Users are responsible for ensuring that SURS has an up-to-date active and deliverable email address for them, and for periodically visiting the Website to view this Privacy Policy