GDPR Checklist - Practices to adopt as Business Norms