How Grocery Retailers Can Work Towards GDPR Compliance