During its 41st plenary session, the European Data Protection Board (EDPB ) adopted recommendations on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data, as well as recommendations on the European Essential Guarantees for surveillance measures. Both documents were adopted as a follow-up to the Court of Justice of the European Union (CJEU) 'Schrems II' ruling. As a result of the ruling, data controllers relying on Standard Contractual Clauses (SCCs) are required to verify, on a case-by-case basis and, where appropriate, in collaboration with the recipient of the data in the third country, if the law of the third country ensures a level of protection of the personal data transferred that is essentially equivalent to that guaranteed in the European Economic Area (EEA). The CJEU allowed exporters to add measures that are supplementary to the SCCs to ensure effective compliance with that level of protection where the safeguards contained in SCCs are not sufficient. In addition, the EDPB adopted recommendations on the European Essential Guarantees for surveillance measures. The European Essential Guarantees recommendations provide data exporters with elements to determine if the legal framework governing public authorities' access to data for surveillance purposes in third countries can be regarded as a justifiable interference with the rights to privacy and the protection of personal data, and therefore as not impinging on the commitments of the Article 46 GDPR transfer tool the data exporter and importer rely on.