diff --git a/submissions/description/sensitive_data_exposure/disclosure_of_secrets/non_corporate_user/recommendations.md b/submissions/description/sensitive_data_exposure/disclosure_of_secrets/non_corporate_user/recommendations.md index e8f0a053..1f25ddb7 100644 --- a/submissions/description/sensitive_data_exposure/disclosure_of_secrets/non_corporate_user/recommendations.md +++ b/submissions/description/sensitive_data_exposure/disclosure_of_secrets/non_corporate_user/recommendations.md @@ -1,6 +1,6 @@ # Recommendation(s) -It is recommended to encrypt sensitive data, including secrets, both when at rest and when in transit. All data that is processed, stored, and transmitted by the application should be classified by business need, regulatory and industry requirements, and appropriate privacy laws. +It is recommended to encrypt secrets belonging to non-corporate users both when at rest and when in transit. All data that is processed, stored, and transmitted by the application should be classified by business need, regulatory and industry requirements, and appropriate privacy laws. Additionally, it is best practice to not store sensitive data when it is no longer required, as data that is not retained cannot be accessed and used maliciously. All sensitive data including secrets should therefore be a part of a regularly reviewed maintenance cycle. This review cycle should include rotation of secrets.
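Review bot: the rewritten first sentence narrows the encryption recommendation to "secrets belonging to non-corporate users", but the unchanged sentences that follow ("All data that is processed, stored, and transmitted ... should be classified" and "All sensitive data including secrets should therefore be a part of a regularly reviewed maintenance cycle") still speak about sensitive data in general, so the paragraph now opens narrowly and then broadens without transition, and the "therefore" in the final sentence no longer follows from a statement about all sensitive data. Either scope the retention and rotation sentences to the same non-corporate user secrets (for example, "Secrets belonging to non-corporate users should therefore be part of a regularly reviewed maintenance cycle that includes rotation"), or keep the opening sentence general and add the non-corporate user scoping as a clause rather than replacing "sensitive data, including secrets". It would also help readers of this specific VRT entry if the recommendation said where such secrets are typically exposed (the hunk only says to encrypt them at rest and in transit), since encryption alone does not address a secret that is disclosed through an application response or a public repository.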