Privacy Policy
Last updated: 23 June 2026
Project 54 is the trading brand of Beeyawn Ltd, a company registered in the United Kingdom (“Project 54,” “we,” “our,” or “us”). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains what information we collect, how we use it, how we handle data obtained through connected social media platforms, and the rights you have under applicable data protection laws, including the UK GDPR, the EU General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA) where applicable.
This policy applies to our website, our services, and any applications or tools we operate that connect to third-party platforms such as LinkedIn, Meta (Facebook and Instagram), and X (formerly Twitter).
1. Who We Are
Project 54 is an energy-sector marketing agency operating as a brand of Beeyawn Ltd. For all data protection purposes, Beeyawn Ltd is the data controller responsible for the personal data described in this policy.
Contact for privacy matters: info@projectfifty4.com
2. Information We Collect
2.1 Information you give us directly
When you submit a form on our website, we may collect:
- Full name
- Work email address
- Region of focus
- Information you choose to share in the “How can we help you” field
We do not knowingly collect sensitive personal data or payment information through our website forms.
2.2 Information we collect through connected social media accounts
We operate social media management tools that allow authorised members of our team (and, where applicable, our clients) to publish content, schedule posts, and review performance analytics for social media accounts and pages they own or are authorised to manage. When an account is connected to our tools through a platform’s official authorisation process, we may access and process the following categories of data, strictly limited to what each platform grants and what is necessary to provide the service:
- Account and page identifiers — the account, page, or organisation name and ID needed to publish on the correct profile.
- Authentication tokens — secure access tokens issued by the platform when a user grants permission. These let us act only on the connected account and only for the permissions granted.
- Content you create — posts, captions, images, videos, and scheduling details that you choose to publish or store through our tools.
- Engagement and analytics data — aggregate metrics such as impressions, reactions, comments, shares, clicks, and follower counts, used to report on the performance of published content.
- Limited profile information of people who engage — where a platform makes it available, basic public profile details of members who comment on or engage with managed content, shown only to the authorised account manager for the purpose of community management.
We only access this data after a person with the appropriate role on that account explicitly authorises the connection through the platform’s official OAuth flow, and we only retain it for as long as needed to provide the service.
2.3 Information we collect automatically
Our website may collect standard technical information such as IP address, browser type, and pages visited, through cookies and similar technologies, for basic functionality and analytics.
3. How We Use Your Information
We use personal data only to:
- Respond to your inquiry and understand your needs
- Provide relevant information about our services
- Publish, schedule, and manage social media content on accounts we are authorised to manage
- Generate performance reports and analytics for connected accounts
- Operate, maintain, and improve our website, tools, and communications
- Comply with our legal and contractual obligations
We do not sell or rent your personal information to third parties. We do not use data obtained through connected social media platforms for advertising profiling, resale, or any purpose other than providing the agreed service to the account owner.
4. Legal Basis for Processing (UK GDPR / EU GDPR)
If you are located in the United Kingdom or the European Economic Area (EEA), our legal bases for processing your data are:
- Consent — when you voluntarily submit your details via our form, or when you authorise a social media account connection.
- Legitimate interests — to communicate with potential clients and partners, and to operate our services, balanced against your rights and freedoms.
- Contract — where processing is necessary to deliver services to a client under an agreement.
You may withdraw consent at any time (see Section 10).
5. Data Obtained Through Social Media Platforms
Our use of information received from LinkedIn, Meta, X, and any other connected platform complies with each platform’s developer terms and policies, including the LinkedIn Marketing API Terms and LinkedIn API Terms of Use, the Meta Platform Terms and Developer Policies, and the X Developer Agreement and Policy. In particular:
- We access platform data only with the explicit, express and informed authorisation of the account owner or an authorised administrator, obtained through the platform’s official OAuth authorisation flow. Authentication alone does not constitute consent; we make clear what data we access and what we do on the user’s behalf before any action is taken.
- We request only the minimum permissions (scopes) necessary to provide our publishing, scheduling, and analytics services.
- We use platform data solely to provide those services to the authorising account and do not repurpose, sell, license, or transfer it.
- We do not use platform data to build independent profiles of individuals, to retarget advertising, or for any purpose the platform restricts.
- We store access tokens securely and use them only to perform actions the user has authorised.
- We honour all data deletion and revocation requirements of each platform. If a user disconnects an account or revokes permission — either within our tools or directly in the platform’s settings — we cease accessing that account’s data and delete stored tokens and associated cached data, except where retention is required by law.
- If content is deleted or modified on a platform, we delete or modify the corresponding stored content as soon as reasonably possible, and in any event within 24 hours of a deletion or modification on the platform or a request from the platform or account owner, in line with the X Developer Policy and equivalent platform requirements.
- If a platform notifies us that data must be deleted, or that our access has been restricted, we comply promptly.
Each platform also maintains its own privacy policy governing how it handles your data on its own services. We encourage you to review the privacy policies of LinkedIn, Meta, and X directly.
6. How to Request Deletion of Your Data
You can request deletion of any personal data we hold, or revoke a connected social media account, at any time:
- Connected accounts (self-service): disconnect the account within our tools, or revoke our application’s access directly in the platform’s settings (LinkedIn, Meta, or X). On disconnection or revocation we delete the stored access tokens and associated cached data for that account, except where retention is required by law.
- By email: send a deletion request to info@projectfifty4.com with the subject line “Data Deletion Request.” We will verify your request and delete the relevant data without undue delay, and confirm once complete.
We delete user data without undue delay when a user disconnects or deletes their account, when the data is no longer necessary to provide the service, when deletion is requested by the user or a platform, or when deletion is required by applicable law.
7. Data Retention
We keep personal data only as long as necessary for the purpose it was collected:
- Website inquiry data is kept only as long as needed to respond to your inquiry or maintain a business relationship.
- Social media tokens and connected-account data are kept only while the account remains connected and the service is active. When an account is disconnected or a client relationship ends, we delete the associated tokens and cached data within a reasonable period, unless a longer retention period is required by law.
- Aggregate, anonymised performance statistics that contain no personal data may be retained for historical reporting.
8. Sharing Your Data
We may share information with trusted service providers who help us operate our website, tools, and communications (for example, hosting and email services). These providers are contractually bound to protect your information and may only process it on our instructions.
We may also share data:
- With a client, where we manage social media accounts on that client’s behalf and the data relates to that client’s accounts.
- Where required by law, regulation, or valid legal process.
We do not sell personal data, and we do not share social media platform data except as needed to deliver the authorised service.
9. International Transfers
We are based in the United Kingdom and may process data in the UK, the EEA, and other countries where our service providers operate. Where data is transferred outside the UK or EEA, we ensure appropriate safeguards are in place, such as the UK International Data Transfer Agreement or EU Standard Contractual Clauses.
10. Your Rights
Depending on your location, you may have the following rights over your personal data:
- Access the personal data we hold about you
- Request correction of inaccurate or incomplete data
- Request deletion of your data (“right to be forgotten”)
- Object to or restrict processing of your data
- Request a copy of your data in a portable format
- Withdraw consent at any time
- Disconnect any connected social media account and have associated tokens and data deleted
- (For California residents) Know what categories of personal information we collect, and the right not to be discriminated against for exercising your rights
To exercise any of these rights, contact us at info@projectfifty4.com. We will respond within the timelines required by applicable law.
You also have the right to lodge a complaint with a supervisory authority — in the UK, the Information Commissioner’s Office (ICO).
11. Cookies
Our website may use cookies for basic functionality and analytics. You can control cookies through your browser settings. Disabling cookies may affect some website features.
12. Security
We take appropriate technical and organisational measures to protect your data, including secure storage of authentication tokens and restricted access to connected-account data. However, no system is completely secure, and we cannot guarantee absolute security.
13. Children’s Privacy
Our services are intended for businesses and professionals. We do not knowingly collect personal data from anyone under the age of 18.
14. Changes to This Policy
We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the most recent revision. Material changes will be communicated where appropriate.
15. Contact Us
If you have questions about this Privacy Policy or how we handle your data, please contact us:
Project 54 (a brand of Beeyawn Ltd)
Email: info@projectfifty4.com
Address: Heliosgatan 13, 120 78, Stockholm, Sweden
This policy is designed to meet the requirements of the UK GDPR, EU GDPR, and CCPA, and to satisfy the developer and platform terms of LinkedIn, Meta (Facebook and Instagram), and X (formerly Twitter) for applications that connect to their APIs.