Using Open Standards to Comply with GDPR