Privacy Policy

The privacy of personal information is important to CalPERS.

This Privacy Policy describes CalPERS’ collection, use, and disclosure of personal information maintained by CalPERS, as well as safeguards reasonably designed to ensure its protection. CalPERS information management practices follow the requirements of the Information Practices Act (Civil Code section 1798 et seq.)  , the California Public Records Act (Government (Gov.) Code section 7920.000 et seq.), Gov. Code sections 11015.5 and 11019.9, and other applicable laws pertaining to information confidentiality. Any personal information we collect, including Electronically Collected Personal Information (defined below), as described here, is subject to the limitations set forth in the Information Practices Act of 1977 (Information Practices Act).

Our Privacy Policy does not address our privacy practices relating to CalPERS job applicants, employees, or other employment-related individuals, nor data that is not subject to applicable data protection laws (such as deidentified or publicly available information).

This Privacy Policy also does not apply to protected health information that we collect in accordance with, and subject to, the Health Insurance Portability and Accountability Act (HIPAA). For information on how CalPERS uses and discloses protected health information, refer to the Notice of Privacy Practices (PDF).

We only obtain personal information through lawful means.

CalPERS collects personal information pursuant to the authority granted under the Public Employees’ Retirement System Law (Gov. Code sections 20000 et seq.) and uses it solely for the purpose of carrying out the duties of the CalPERS Board of Administration in administering the Public Employees’ Retirement System, the Legislators’ Retirement System, the Judges’ Retirement System, the Judges’ Retirement System II, the Public Employees’ Deferred Compensation Program, the Supplemental Contributions Program, the Public Employees’ Long-Term Care Program, the Public Employees’ Medical and Hospital Care Act, the Old Age and Survivors’ Insurance Program, the Annuitants’ Health Care Coverage Fund, the California Employers’ Pension Prefunding Trust Fund, and the Replacement Benefit Plan, as applicable. Personal information is collected directly from you, your employer (or their administrators), through the myCalPERS portal, or through our website.

CalPERS may collect personal information, as defined in the Information Practices Act, that you provide to us, and use this information to provide certain services. 

Personal information, as defined in the Information Practices Act, is information that identifies or describes an individual including name, Social Security number, physical description, home address, home telephone number, education, financial matters, and medical or employment history.

CalPERS collects personal information about individuals through our website when an individual provides such information to us through voluntary use of our online services, such as by completing a web form. We may also collect personal information you provide through voluntarily accessing the myCalPERS portal, or that you provide via email, telephone, or physical mail.

Submission of the information requested by CalPERS to provide pension, health, and other benefits administered by CalPERS is mandatory. Failure to submit the required information may result in CalPERS being unable to perform its functions regarding the provision of your benefits.

Personal information that CalPERS collects is relevant to the purpose for which it is collected and includes:

  • Personal information, including first and last name, Social Security Number, telephone number, email address, mailing address, marriage date, date of birth, communication preferences, and information about your personal representative (if any). We use this information primarily to provide your benefits, respond to your requests, and communicate with you directly.
  • Account information, including first and last name, email address, telephone number and CalPERS identification number (CID). We use this information primarily to administer your account, communicate with you regarding your account, and for customer support purposes.
  • Customer content, including any files, documents, audio, videos, images, data, or communications you choose to input, upload, or transmit through our web form(s), the myCalPERS portal or via email, telephone, or physical mail. We use this content primarily to facilitate your requests.
  • Financial information, including bank account and routing information, billing address, invoice ID, mortgage amount and other financial information. We collect this information for direct deposit and reimbursement purposes.
  • Benefits information, including medical history, financial information, health plan information, marriage status, marriage and birth certificates, employment information, beneficiary information, and other information needed to help provide requested benefits. We collect this information to provide your benefits and facilitate your requests.

Additionally, when completing a transaction in myCalPERS, you may be asked to answer a set of security questions unique to you. This is known as knowledge-based authentication, or KBA. We’ve partnered with LexisNexis Risk Solutions to provide KBA services. If you would like to order copies of the information that LexisNexis maintains and uses to create consumer reports about you, visit Access Your Full File Disclosure. If you have received your file, and find it contains incorrect or incomplete information, you have the right to file a dispute. Learn How to Dispute Information.

CalPERS uses certain tracking technologies to automatically collect information on our website.

The information that CalPERS’ website automatically collects includes:

  • Domain name or Internet Protocol address of the machine used to access our website
  • Forms or publications that are uploaded
  • Type of browser and operating system used
  • Web pages or services displayed
  • Date and time when our website is visited

CalPERS may also use electronic “cookies,” in some areas of the CalPERS website, to improve the overall usability of the site.

CalPERS uses electronic cookies to collect and temporarily store various types of information. The cookies allow the programs to operate correctly and know where to return the business transaction results.

You can refuse the cookie or delete the cookie file from your computer by using any of the widely available methods. However, if you turn your cookies option off, some of our online services may not be accessible.

CalPERS may disclose your personal information to provide services and respond to your requests.

For example, we may disclose or otherwise make available personal information in the following ways: 

  • To service providers: We engage other third parties to perform certain services on our behalf in connection with the uses of personal information described in the sections above. Depending on the applicable services, these service providers may process personal information on our behalf or have access to personal information while performing services on our behalf.
  • To business partners (including your employer): We may share personal information with our business partners, or we may allow our business partners to collect personal information directly from you in connection with administering our services.
  • To facilitate legal obligations and rights: We may disclose personal information to third parties, such as legal advisors and law enforcement:
    • In connection with the establishment, exercise, or defense of legal claims
    • To comply with laws or to respond to lawful requests and legal process
    • To protect our rights and property and the rights and property of our agents, members, and others, including to enforce our agreements, policies, and conditions of use
    • To detect, suppress, or prevent fraud
    • To protect the health and safety of our members; or
    • As otherwise required by applicable law
  • With your consent or direction: We may disclose your personal information to certain other third parties or publicly with your consent or direction. 

CalPERS collects “Electronically Collected Personal Information” (as defined below).

CalPERS collects Electronically Collected Personal Information. Pursuant to Gov. Code section 11015.5.(a)(6), however, all state agencies are prohibited from distributing or selling any Electronically Collected Personal Information about users to any third party without the permission of the user.

We don’t sell any Electronically Collected Personal Information. CalPERS’ use of Electronically Collected Personal Information is solely for the purpose of CalPERS’ business and will only be retained as long as necessary to fulfill those specified purposes.

“Electronically Collected Personal Information” means any information maintained by CalPERS that identifies or describes an individual user, including, but not limited to:

  • Your name
  • Social Security number
  • Physical description
  • Home address
  • Telephone number
  • Education information
  • Financial information
  • Medical or employment history
  • Password
  • Email address
  • Information that reveals any network location or identity

“Electronically Collected Personal Information” excludes any information manually submitted to a state agency by a user or provided on behalf of a user as permitted by applicable law, whether electronically or in written form, and information on or relating to individuals who are users in a business capacity, including, but not limited to, business owners, officers, or principals of that business.

We specify the purpose for which personal information is collected in this Privacy Policy.

Where applicable, we may also provide our Privacy Notice on, or with, the form used to collect personal information.

Any subsequent use of personal information is limited to the fulfillment of purposes consistent with any previously specified purpose.

We use personal information only for the specified purposes, or purposes consistent with those purposes, and personal information will not be disclosed, made available, or otherwise used, unless we have received consent from the individual or unless required by law or regulation.

The California Public Records Act ensures that government is open, and that the public has a right to access appropriate records and information possessed by state government. However, there are exceptions in both state and federal law limiting the public’s right to access public records. For instance, Electronically Collected Personal Information is exempt from requests made pursuant to the California Public Records Act. These exceptions serve various needs, including maintaining the privacy of individuals. In the event of a conflict between this policy and the California Public Records Act, the Information Practices Act, or any other law governing the disclosure of records, the applicable law will control.

We inform those who provide personal information about their opportunity to review that information.

Individuals who provide CalPERS with personal information have the right to access and review their personal information and contest its accuracy or completeness. Individuals may request corrections to any inaccuracies in their records.

We inform those about whom we have Electronically Collected Personal Information about their opportunity to delete that information.

Individuals also have the right to have any Electronically Collected Personal Information deleted (including without reuse or distribution) by contacting the CalPERS Privacy Officer using the contact information in the “For More Information” section below.

We use information security safeguards.

CalPERS uses information security safeguards designed to protect the personal information we collect and maintain against loss, unauthorized access, and illegal use, modification, or disclosure. Security measures are integrated into the design, implementation, and day-to-day operations of the CalPERS business environment. Personal information is destroyed according to the CalPERS records retention schedule and periodic reviews are done to help with the proper understanding and implementation of information management policies and procedures.

CalPERS encourages all members to use appropriate safeguards to secure their personal computers and the information on those computers as well.

Knowledge Based Authentication

When completing a transaction in myCalPERS, you may be asked to answer a set of security questions unique to you. This is known as knowledge-based authentication, or KBA, and it’s one of the measures we use to keep your account secure.

We’ve partnered with LexisNexis Risk Solutions to provide KBA services. Security questions are developed using intelligent algorithms and billions of consumer records.

If you would like to order copies of the information that LexisNexis maintains and uses to create consumer reports about you, visit Access Your Full File Disclosure. If you have received your file, and find it contains incorrect or incomplete information, you have the right to file a dispute. Learn How to Dispute Information.

Messaging Terms of Service

We’ve partnered with Twilio to provide messaging services (text, phone call, and email) in myCalPERS for two specific scenarios: account-related notifications and multifactor authentication. 

Updates to This Privacy Policy

Our Privacy Policy reflects CalPERS’ current business practices and is subject to change without notice. When we make changes to this Privacy Policy, we will change the date at the beginning of this Privacy Policy. This Privacy Policy is also not a contract and does not create any legal rights or obligations not otherwise provided by law.

For More Information

If you have questions or would like additional information regarding our Privacy Policy, call our Customer Contact Center at 888 CalPERS (or 888-225-7377) or TTY (877) 249-7442 or write to:

CalPERS
Privacy Officer
400 Q Street
Sacramento, CA 95811

Resources