Privacy Policy

Stichting New Momentum (the New Momentum Foundation) aims to strengthen open debate and media literacy in the digital society. To achieve this, we develop methods, tools, and systems to investigate social and societal undercurrents on social media. These tools and systems are available under an open-source license (CC BY-NC) to companies, institutes, and NGOs, and thereby contribute to academic research, journalistic productions, and campaigns for social and behavioral change. We also actively participate in (research) consortia at the intersection of social media and social change and publish about it in popular media and academic journals.

General
When a client or (potential) partner organization contacts us to start a project or research, we need some personal data from them. These are general data such as a name, email address, and phone number. We only use this personal data for the purpose(s) for which we received it. For example, we do not send marketing materials unless we have received permission. We also do not share data with third parties unless indicated otherwise or if there is a legal obligation.

We use our tools and systems for data gathering, analysis, and visualization during the execution of research within (research) consortia in which we participate. We outsource commercial (research) work to New Momentum BV, a subsidiary fully controlled by the New Momentum Foundation, which adheres to a strict privacy policy in line with the goals of the Foundation. Commercial use by other/external organizations is excluded to protect the goals of the Foundation.

When our tools and systems are used by organizations other than the New Momentum Foundation and New Momentum BV, the responsibility for processing personal data lies with the organization using the tools and systems. They will have to implement the tools and systems themselves within their IT infrastructure and/or enlist the help of New Momentum BV.

Research, data sources, and algorithms
We start every research project by specifically searching for public social media posts and/or profiles related to the subject of the research. For example: posts with statements about social and societal issues or campaigns. We investigate patterns, not profiles. In our presentations and reports, we will rarely highlight individual messages or users unless they are public figures. This complies with European privacy legislation (AVG).

We collect data that we anonymize from:

  • Twitter: Twitter data is collected via the Twitter API 2.0. Twitter has audited our use case and granted us Elevated Access, which means we can collect data faster and more comprehensively than is possible with public access to the API. Since April 2023, Twitter requires all API users to pay for access.
  • YouTube: We collect YouTube data via the YouTube Data API. YouTube has audited our use case and increased our rate limits, which means we can collect data faster than with public access.
  • Instagram and TikTok: We obtain Instagram and TikTok data from various external providers connected to the Rapid API platform. The data we collect there are public but not available in large quantities and within a short period. In some cases, we pay Rapid API to collect data faster.

The data from these sources are analyzed and processed using the following algorithms:

For all these cases, we combine quantitative and qualitative analysis techniques to interpret the findings of algorithms.

Security and retention periods
We do not keep data longer than necessary. For each project, for example, we store the collected data for up to one month after the transfer of the project results, after which the data is deleted from our files. Until then, we keep the data in a unique, protected database. Data collected within academic research projects are archived and securely stored in cold storage. We delete the data in accordance with the agreements made with the funding provider.

Third Parties
To conduct research safely and efficiently and to communicate with our clients during the execution of our projects, we use the following suppliers:

  • Microsoft (Office 365; Azure AD);
  • Proton (mail, agenda, file sharing, VPN);
  • Amazon (SSO; DynamoDB, S3, Neo4j)

We have a data processing agreement with each of these suppliers to ensure compliance with our obligations under the GDPR and to protect all data in our databases. The processing and storage of all data in our possession takes place within the area of the EEA/EU.

Your Rights
You have the right to access, rectify or erase your personal data, or restrict its processing, as well as the right to object to the processing and the right to data portability. You also have the right to withdraw your consent for processing where applicable.

The deletion of data is limited to where the data is necessary for the execution of a contract to which the data subject is a party, or for another necessary reason, such as a legal obligation.

For exercising your rights, complaints, and other inquiries, you can contact our privacy contact person via privacy@newmomentum.org. For additional information, you can also visit the website of the Dutch Data Protection Authority: https://www.autoriteitpersoonsgegevens.nl/nl.

28 April 2023.