Privacy Policy

MyNYSTRS is a secure members-only portal available from NYSTRS.org that enables NYSTRS' active members and retirees to keep tabs on their membership, conduct certain transactions, file certain forms, and communicate with the Retirement System securely. Access to MyNYSTRS is permitted only for active members and retirees of NYSTRS. Unauthorized or improper use is prohibited and may result in the revocation of access, disciplinary action, and/or civil and criminal penalties.

Information in MyNYSTRS may be monitored, recorded, audited, and disclosed to authorized personnel for official purposes. By using MyNYSTRS, NYSTRS members and retirees consent to the collection and use of information as set forth herein. For additional information, see the following sections of this Privacy Policy: "Information Collected Automatically When You Visit the NYSTRS Website" and "Information Collected When You Email This Website or Complete a Transaction."

NYSTRS automatically collects and stores the following information about your visit when you access this website and the secure areas of MyNYSTRS and Employer Secure Area:

• User client hostname. The hostname or Internet Protocol address of the user requesting access to the NYSTRS website.
• HTTP header, "user agent." The user agent information includes the type of browser, its version, and the operating system on which the browser is running.
• HTTP header, "referrer." The referrer specifies the webpage from which the user accessed the current webpage.
• System date. The date and time of the user's request.
• Full request. The exact request the user made.
• Status. The status code the server returned to the user.
• Content length. The content length, in bytes, of any document sent to the user.
• Method. The request method used.
• Universal Resource Identifier (URI). The location of a resource on the server.
• Query string of the URI. Anything after the questions mark in a URI.
• Protocol. The transport protocol and the version used.

None of the foregoing information constitutes personal information.

The information that is collected automatically is used to improve the content of NYSTRS’ website, MyNYSTRS and Employer Secure Area, and to help NYSTRS understand how users are interacting with the website and secure applications. This information is collected for statistical analysis, to determine what information is of most and least interest to our users, and to improve the utility of the material available online. The information is not collected for commercial marketing purposes and NYSTRS is not authorized to sell or otherwise disclose the information collected online for commercial marketing purposes.

NYSTRS uses Google Analytics measurement software to collect the information listed above, which is gathered for the purpose of improving our website and applications. The data is automatically sent to Google’s system, which immediately aggregates the data. For further information on how Google Analytics collects and processes data, refer to www.google.com/policies/privacy/partners/.

Reports generated by Google are only available to NYSTRS’ website managers, members of their communications and web teams, and other designated staff who require this information to perform their duties.

NYSTRS retains the data from Google Analytics for 26 months in order to support the mission of the NYSTRS website and applications.

Cookies are simple text files stored on your personal computer to provide a means of distinguishing among users of this website. The use of a cookie is a standard practice among Internet websites. Cookies from nystrs.org only collect information about your browser’s visit to the site; they do not collect any personal information about you.

There are two types of cookies: temporary session cookies and persistent cookies. Session cookies last only as long as your web browser is open. Once you close your browser, the cookie disappears. Persistent cookies are stored on your computer for longer periods.

Session Cookies: NYSTRS places a "session" cookie on the user's computer once entering nystrs.org or any of the secure online applications, which remains only for the time period the user's browser session is open. NYSTRS uses the session cookie to store a randomly generated identifying tag on the device with which the user accesses the website so that NYSTRS can access the information necessary to respond to the user's requests. The session cookie is erased when the user's browser is closed.

Persistent Cookies: NYSTRS uses persistent cookies to differentiate between new and returning visitors to our site. These persistent cookies allow NYSTRS to identify browsing patterns and provide a more customized user experience. Persistent cookies placed on your visits to nystrs.org will remain on your computer for a period of up to 12 months. Persistent cookies placed on your visits to the MyNYSTRS and Employer Secure Area applications of the website will remain for a period of up to six months.

During your visit to nystrs.org, you may send an email to NYSTRS. Your email address and the contents of your message will be collected. The information collected is not limited to text characters and may include audio, video, and graphics included in the message. Your email address and the information included in your message will be used to respond to you, to address issues you identify, to improve this website, or to forward your message to another entity if appropriate. Your email address is not collected for commercial purposes and NYSTRS is not authorized to sell or otherwise disclose your email address for commercial purposes.

Although the System regards all messages it receives from users as confidential, please be advised that because the Internet is a public domain, messages sent to NYSTRS outside of a MyNYSTRS or Employer Secure Area account can and may be intercepted or accessed by a third party.

During your visit to MyNYSTRS, you may complete a transaction, such as a request for a pension estimate or a change to your mailing address. The information volunteered by you in completing the transaction, including personal information, is used by NYSTRS to operate NYSTRS programs and to provide you the information you requested. The information collected by NYSTRS may be disclosed by NYSTRS only for the purpose of providing information to the user, pertaining to the user, which was requested by the user.

During your visit to MyNYSTRS and Employer Secure Area, the geolocation of your Internet protocol address (including latitude, longitude, city, state and country) will be collected for security purposes.

NYSTRS does not knowingly collect personal information from children or create profiles of children through this website. Users are cautioned, however, that the collection of personal information submitted in an email will be treated as though it was submitted by an adult, and may, unless exempted from access by federal or state law, be subject to public access.

The collection of information through this website and the disclosure of that information are subject to the provisions of the Internet Security and Privacy Act. As noted above, NYSTRS generally does not collect any personal information about a user unless the user provides that information voluntarily via email or through MyNYSTRS (a secure members-only area of the website). However, personal information is collected by the System via employer reports submitted through the Employer Secure Area (an area of the website for employers only). This includes data associated with non-members who work for a NYSTRS participating employer. Personal information may also be contained in the Board Portal, another secure area of NYSTRS' website. NYSTRS will disclose personal information collected through this website only if the user has consented to the disclosure of such personal information. The user's voluntary disclosure of personal information to NYSTRS constitutes the user's consent to the collection and disclosure of the information by NYSTRS for the purposes for which the user disclosed the information to NYSTRS, to the extent such purpose is reasonably ascertainable from the nature and terms of the disclosure.

The disclosure of information, including personal information, collected through this website is subject to the provisions of the Freedom of Information Law and the Personal Privacy Protection Law.

NYSTRS may disclose personal information to federal or state law enforcement authorities to enforce its rights against unauthorized access or attempted unauthorized access to NYSTRS' information technology assets.

As noted above, NYSTRS generally does not collect any personal information about a user unless the user provides that information voluntarily via email or through MyNYSTRS (a secure members-only area of the website). However, personal information is collected by the System via employer reports submitted through the Employer Secure Area (an area of the website for employers only). This includes data associated with non-members who work for a NYSTRS participating employer. Personal information may also be contained in the Board Portal, another secure area of NYSTRS' website. You may choose not to send NYSTRS an email or enter one of the above three external web-based applications. Your choice not to participate in these activities may limit your ability to receive specific services through this website; however, it will not have an impact on your ability to take advantage of other features of the website, including browsing or downloading information.

NYSTRS is strongly committed to protecting personal information collected through this website against unauthorized access, use or disclosure. Consequently, NYSTRS limits employee access to personal information collected through this website to only those employees who need access to the information in the performance of their official duties. Employees who have access to this information follow established policy and appropriate procedures in connection with any disclosures of personal information.

In addition, NYSTRS has implemented procedures to safeguard the integrity of its information technology assets, including, but not limited to, authentication, monitoring, auditing and encryption. These security procedures have been integrated into the design, implementation, and day-to-day operations of this website as part of our continuing commitment to the security of electronic content as well as the electronic transmission of information.

For website security purposes and to maintain the availability of the website for all users, NYSTRS employs software to monitor traffic to identify unauthorized attempts to upload or change information or otherwise damage this website.

The information provided in this privacy policy is not intended as business, legal, or other advice, nor is it intended as a guarantee of the security or accuracy of information provided to or through this website. NYSTRS reserves the right, at its sole discretion, to change, modify, add or delete portions of this policy.

For questions regarding NYSTRS' Internet Privacy Policy, please contact the Retirement System via email at [email protected] or via mail to: NYSTRS, Attn: Public Information Office, 10 Corporate Woods Drive, Albany NY 12211-2395.

This Notice of Privacy Practices describes the types of information that NYSTRS may obtain about you and the categories of persons or entities to whom that information may be disclosed.