README.md in kms_encrypted-0.1.3 vs README.md in kms_encrypted-0.1.4

- old
+ new

@@ -35,11 +35,11 @@ add_column :users, :encrypted_email, :text add_column :users, :encrypted_email_iv, :text add_column :users, :encrypted_kms_key, :text ``` -Create an [Amazon Web Services](https://aws.amazon.com/) account if you don’t have one. KMS works great whether or not you use other AWS services. +Create an [Amazon Web Services](https://aws.amazon.com/) account if you don’t have one. KMS works great whether or not you run your infrastructure on AWS. Create a [KMS master key](https://console.aws.amazon.com/iam/home#/encryptionKeys) and set it in your environment ([dotenv](https://github.com/bkeepers/dotenv) is great for this) ```sh KMS_KEY_ID=arn:aws:kms:... @@ -201,13 +201,15 @@ } ] } ``` -If a system can only encrypt, you must clear out existing data keys before updates. +If a system can only encrypt, you must clear out existing data and data keys before updates. ```ruby -user.encrypted_kms_key = nil # before user.save +user.encrypted_email = nil +user.encrypted_kms_key = nil +# before user.save or user.update ``` To decrypt the data, use a policy with: ```json
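Review bot: In the second hunk (`@@ -201,13 +201,15 @@`), the encrypt-only example now clears `encrypted_email` and `encrypted_kms_key` but says nothing about `encrypted_email_iv`, which the migration in the first hunk's context lines also adds. Either state that the IV is regenerated when the attribute is assigned, or add it to the example, so a reader on an encrypt-only system does not have to guess whether a stale IV can be left beside a new data key. The changed sentence also says only that the data must be cleared along with the data key, not why; one clause giving the reason would help. Finally, the trailing comment `# before user.save or user.update` sits after the two assignments and reads as if it introduces a following statement; moving it above `user.encrypted_email = nil` would make the required ordering unambiguous.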