h4 for subheads

_includes/markdown/Structure.md

@@ -75,7 +75,7 @@ With some projects, using an automated dependency manager won't make sense. In s
 <h3 id="privacy">Privacy {% include Util/top %}</h3>
 Handling of user data is important from both a legal and a trust perspective Projects should document user data that is collected and stored and ensure compliance with the GDPR.
 
-### Privacy Development Best Practices
+#### Privacy Development Best Practices
 - Projects should document user data that is collected and stored
   - What data collected and what is stored?
   - How and where is the data stored?
@@ -102,13 +102,13 @@ Handling of user data is important from both a legal and a trust perspective Pro
 - Data expiry: data should only be stored as long as necessary and should be kept up to date.
 - Third party services used should be GDPR compliant - any service or scripts running on the site should be evaluated for compliance.
 
-### Privacy audit
+#### Privacy audit
 - Existing sites should be audited for privacy concerns
   - Review all data collected from users, including by browsers or other automatic sources
   - Review and search database for user data
   - Review data sent to third party APIs
 
-### Resources
+#### Resources
 [Wikipedia: General Data Protection Regulation
 ](https://en.wikipedia.org/wiki/General_Data_Protection_Regulation)
 [Privacy Policy Snippets](https://github.com/gdpr-compliance/info/blob/master/Privacy-policy-snippets.md)