On July 16th, 2020, the European Court of Justice (CJEU) struck down the Privacy Shield that secured unrestricted EU-US data flow on the grounds that personal data transferred to and stored in the US could not be guaranteed an adequate level of data protection as that under the GDPR. The decision by the CJEU to rule the Privacy Shield invalid renders the US a non-adequate country without any special access to Europe’s personal data streams. The CJEU however, validated the Standard Contractual Clauses (SCCs), another commonly used mechanism for transatlantic data transfers, saying that this mechanism does make it possible in practice to ensure compliance with the level of protection required by EU law. Mouseflow has Standard Contractual Clauses (SCCs) in place with all subcontractors within the United States.