Data Protection Officer and the GDPR Legal Requirement