Privacy Notice

COG-MHEAR Privacy Notice: Social Media Analysis

Edinburgh Napier University, as the Data Controller, is providing you with this information to comply with the General Data Protection Regulation (EU) 2016/679, as retained in UK law, and the Data Protection Act 2018.


This privacy notice deals with personal data provided for the purposes of research only. Edinburgh Napier University (“We”) conducts research to the highest standards of research integrity to ensure it is both beneficial (generally) and enriches higher learning. We respect the confidentiality and sensitivity of the personal information that you provide to us, that we get from other organisations, and that we share with other collaborating organisations (such as other Universities or our research funders). We commit to protecting your personal information, keeping it secure and complying with the legislation.

This privacy notice refers to a sub-project of COG-MHEAR which is exploring public perceptions through social media.

Currently, only 40% of people who could benefit from hearing aids have them, and most people who have hearing aids don't use them often enough. To transform hearing care by 2050, the COG-MHEAR programme aims to completely re-think the way hearing aids are designed. As part of this body of work we are interested in exploring the public’s views of hearing loss, hearing technology, and hearing care. To do this we will analyse publicly available social media posts (on Twitter and Facebook) to help understand the positive, neutral, and negative views on these topics.

The results of these analyses will inform other COG-MHEAR research activities developing “multi-modal” hearing aids (to find out more about these activities please see: link). In particular, these analyses will help COG-MHEAR researchers consider what the public likes (positive views) and doesn’t like (negative views) about hearing loss, hearing technology, and hearing care in the development of novel multi-modal hearing aids. The results of these analyses will also be published (e.g., in academic journals) and/or presented at conferences to inform the wider scientific community.

Legal basis

Our basis for processing is Article 6(1)(e) of the UK GDPR: “processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller”, in this case, for the purposes of research.

Where we process special category personal data (e.g. health-related opinions in publicly available social media posts), our basis will Article 9(2)(j): “processing is necessary for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes…”.

Whose information is being collected?

Social Media Users (Twitter & Facebook)

What type of information is being collected?

Publicly available social media posts (message content, location, temporal information, ID)

How is the information being collected?

Twitter gives access to its archive and a real-time feed of all the posts on the network for bulk collection (, where users are required to give an explanation of the purposes of their research and agree to a set of terms and policies which restrict illegitimate usage.

In case of future use of Facebook data, we will attempt to gain access to comment data through the use of the CrowdTangle API platform (h ttps://, which allows researchers to harvest public posts of more than a million accounts selected by the platform holder, plus the comments added to those posts publicly by other users.

Personal data will be collected unavoidably as part of the research, but the majority of fields will be removed at the processing stage. The fields which are not removed, time, location, and message text, will be assumed to be accurate as they are collected directly from the responsible platform holder. Personal data may be collected as part of the dataset, but not processed as research findings.

Publicly available datasets will also be analysed, such as the Twitter IEEE Data Port and Chatter datasets (e.g.,;

Who is personal data shared with externally?

Whilst this information is collected from external sources, there is no re-sharing of personal data externally by the research team. Personal data (such as profile id) will be anonymised to eliminate identification risks.

How secure is the information?

Data will be encrypted (to AES-256 standards).

Who keeps the information updated?

The principal investigator and his research team.

How long is the information kept for?

The Edinburgh Napier Data Management Policy will be followed that requires research data to be retained after project completion if they substantiate research findings, are of potential long-term value or support a patent for at least 10 years. The social network data, including ID and any other personal data will be permanently deleted five years after the end of the project. We believe there would be value in us retaining the dataset for 5 years beyond the current exercise in order to be able to respond to any questions that arise from the analysis, and to publish findings in research journals and conferences.

Will the data be used for any automated decision making?


Is information transferred to a third country?