Hacker News
by Silhouette 1615 days ago
It's worth noting that the specific objections to using Stripe there seem to be reasonable. Stripe has actively recommended that merchants include their scripts on all pages of the merchant's site and not just the payment pages, so that Stripe could track and analyse visitor behaviour to look for warning signs of high risk transactions. Given that a visitor to the merchant's site might never visit a Stripe-backed payment page or make any purchase using Stripe, this has always seemed a questionable degree of tracking under the EU rules, even if the intentions might have been honest.

Personally I'd be more worried that many payments using cards and other methods rely on underlying US-based infrastructure, so the actual payment processing itself could fall foul of EU data transfer rules. Obviously you can't record financial transactions properly without the various parties involved in implementing the transaction having records that will necessarily include personal data (and potentially sensitive personal data at that, depending on who a payment was being made from and to). And you most likely have all kinds of legal obligations under financial regulation to keep those records. But if there is some sort of blanket ban on processing EU personal data by any US service, that's a big problem.