Effective from: 16 June 2026
Who we are
Asiera Technology Services CLG (‘Asiera’) is the controller for the personal data described in this notice, except where this notice explains that a client institution is responsible for the relevant processing.
Our Data Protection Officer can be contacted at dataprotection@asiera.ie.
Our company and charity registration details are available in the legal information section of this website.
About this notice
Asiera is the new name for the organisation formerly known as HEAnet. With effect from 1 January 2026, EduCampus merged into Asiera, and services previously provided or supported by EduCampus are now provided, managed or supported by Asiera.
This notice explains how Asiera processes personal data when you use our website, contact us, attend our events, receive communications from us, act as a representative of a client institution, use our service desk, or interact with us in connection with services that we provide, procure, manage or support.
The Asiera name is being adopted across our websites, service documentation and contractual materials. Some documents and webpages may still refer to HEAnet or EduCampus while this transition is being completed.
Personal data processed by Asiera
The personal data we process depends on your relationship with us and the services involved.
It may include your name, work contact details, organisation, role, account or authorised-user details, correspondence, meeting records, service-management records, support ticket information, escalation records, troubleshooting information, event registration details, communication preferences, website and cookie information, device information, technical logs, operational logs, access logs, security logs, service telemetry, supplier records, procurement records, contract records, finance records, audit records and governance records.
We usually receive this information directly from you, from your organisation, from a client institution, from a supplier or partner, from your use of our website or services, or from systems used to operate, secure and support those services.
We ask that you do not include unnecessary personal data, confidential information or sensitive information in general enquiries, support tickets or escalation requests.
Purposes and lawful bases
Asiera processes personal data to operate and secure our website; respond to enquiries; manage meetings, events, webinars, communications and stakeholder engagement; manage relationships with client institutions, suppliers and partners; provide, procure, manage, support and secure services; administer service requests, onboarding, support and escalations; maintain operational, security, audit and governance records; comply with legal, regulatory, contractual and governance obligations; and establish, exercise or defend legal rights.
The lawful basis depends on the context. We may rely on legitimate interests, performance of contractual arrangements, compliance with legal obligations, or consent where consent is required. Our legitimate interests include operating secure and reliable services, managing client and supplier relationships, supporting the education and research sector, protecting our systems, maintaining appropriate records and managing legal, audit and governance matters.
We do not rely on consent for ordinary service delivery, service security, support administration or operational service management unless we specifically ask for consent for a particular optional activity. Where we rely on consent, you may withdraw that consent at any time.
Where Asiera processes personal data on behalf of a client institution, the institution is responsible for identifying the lawful basis for its own processing.
Services provided to client institutions
Many Asiera services are provided to universities, colleges, education bodies, research bodies and other eligible client institutions.
Asiera’s role depends on the service and the relevant contractual model. In some cases, Asiera determines how limited operational or administrative personal data is processed, for example in relation to service management, technical contacts, security, access logs or network and service telemetry. In other cases, a client institution determines how personal data is used, and Asiera processes that data on the institution’s behalf or supports the institution in procuring, implementing, managing or escalating services with a third-party supplier.
If you are a student, staff member, contractor, researcher, alumnus, visitor or other user of a client institution, your institution’s privacy notice will usually be the main source of information about how your personal data is used in institutional systems and services.
Where a client institution uses third-party applications or supplier services that Asiera procures, supports or helps to manage, the institution’s privacy notice and the relevant supplier documentation will normally provide the main information about personal data processed within those services.
Where Asiera receives a data protection request about personal data processed for a client institution, we may refer the request to that institution or assist the institution in responding, as appropriate.
Service-specific information
Additional service-specific information is available in our Client Agreements and at our Service Terms webpage at https://www.heanet.ie/service-terms.
The Service Terms may explain, for particular services, the applicable service model, Asiera’s role, relevant suppliers or subprocessors, service levels and other service-specific requirements.
This notice should be read together with the Service Terms where relevant.
Cookies
Our website uses cookies and similar technologies.
Some cookies are necessary for the website to function. Others may be used for analytics, preferences or similar purposes where permitted by law and, where required, with your consent.
We use Cookiebot by Usercentrics to help manage cookie information and user choices. Further information is available through our cookie notice and cookie preference tool.
Sharing personal data
We share personal data only where necessary and appropriate for the purposes described in this notice.
Depending on the context, we may share personal data with client institutions, suppliers and service providers who help us operate our website, manage communications, provide support, maintain security, administer our business, or provide, procure, manage or support services. We may also share personal data with professional advisers, auditors, insurers, regulators, public authorities, courts or law enforcement bodies where required or permitted by law.
Where a client institution contracts directly with a third-party supplier, the institution and the supplier are normally responsible for explaining how personal data is shared and used within that service.
Where Asiera acts as processor for a client institution, sharing is governed by the relevant contract, service terms and the institution’s instructions.
International transfers
Asiera’s direct processing for service delivery is carried out in the EEA.
Some third-party providers used by Asiera, or by client institutions in connection with services supported by Asiera, may process, host, support or access personal data from outside the EEA.
Where Asiera is responsible for such processing, we use appropriate safeguards under data protection law. Where a client institution contracts directly with a third-party supplier, further information about international transfers should normally be obtained from the relevant institution and supplier documentation.
Retention
Asiera keeps personal data only for as long as necessary for the purpose for which it was collected, including to provide and support services, manage client and supplier relationships, maintain security, comply with legal and audit obligations, resolve disputes and establish or defend legal claims.
Where Asiera processes personal data on behalf of a client institution, retention is governed by the relevant contract, service terms and the institution’s instructions.
Security
Asiera uses technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration or disclosure.
No method of transmission or storage is completely secure. However, we take appropriate steps to protect personal data having regard to the nature of the data, the processing involved and the risks to individuals.
Your rights
Depending on the circumstances, you may have the right to request access to your personal data, request correction of inaccurate personal data, request deletion of personal data, request restriction of processing, object to processing, request data portability, withdraw consent where processing is based on consent, complain to the Data Protection Commission, and exercise rights relating to automated decision-making where applicable.
You can contact us about your rights at dataprotection@asiera.ie.
If your request relates to personal data for which your institution is responsible, you should normally contact your institution directly. If you send the request to Asiera, we may refer it to the relevant institution or assist the institution in responding, as appropriate.
Changes to this notice
We may update this notice from time to time to reflect changes in our services, legal obligations or processing activities.
The latest version will be published on the Asiera website. Where a change is material, we may take additional steps to notify affected individuals or client institutions, as appropriate.