Encryption & Tokenization as Effective GDPR Best Practices