Recommendations
It is necessary to define the keeping time of personal data for each record separately.
It is necessary to insert an article that will envisage the application of technical and organizational measures for secrecy and protection of personal data.