AS a GDPR issue and to prevent entries being made in error, it would be better if users were logged out after a period of inactivity.
