Re: Segregation
To be honest, if the Americans can see your data while you're accessing a European online service, so can anyone else.
HTTPS, encryption, not using untrusted devices, checking certificates, etc. make life very hard for such agencies. Whether the traffic is visible to them or not, it doesn't really matter - your ISP or anyone who works there could also be doing the same without the above technologies.
Email? All bets are off anyway.
But if they are logging into your Office 365 from abroad without permission of GCHQ etc. then it means you've slipped up and given them your passwords. If not, they can't see it or need allied co-operation.
Sure, HTTPS evolves and old ciphers etc. have problems. But if you're on any up-to-date cloud service, pretty much you shouldn't have to worry.
To be honest, I'd be much more worried about what companies have been using Azure and Office 365 without proper EU data protection for all this time, because they haven't even cared what they've been doing with your data and whether it's legal.
Or simply Microsoft and/or GCHQ having a poke around themselves.
But if the NSA can log into your account in an EU datacentre without legal co-operation, so can anyone else.