Mobile Apps and the GDPR