Signal vs Tresorit
Based on our analysis, Signal is the more privacy-respecting choice overall.
BACK →| Category | Signal | Tresorit |
|---|---|---|
| Overall | A · 87/100 | B+ · 83/100 |
| What they collect | Positive (88) | Mixed (72) |
| Who they share it with | Positive (88) | Mixed (74) |
| What you can do | Mixed (78) | Positive (84) |
| What they promise | Positive (86) | Positive (82) |
Signal is a nonprofit that genuinely cannot read your messages or listen to your calls — the encryption is architectural, not a promise — but it requires a real phone number to register, is subject to US law, and its privacy policy is conspicuously sparse: it hasn't been substantively updated since 2018 and lacks the specific retention periods, GDPR rights, or DPO contact that more thorough policies provide.
View full analysis →Tresorit is an encrypted cloud storage service based in Switzerland that genuinely cannot access your files; it holds ISO 27001 certification, stores data primarily in the EEA, and gives 30 days' notice of material policy changes — but it records and transcribes sales calls with AI bots, uses Facebook and Google for ad targeting, collects app usage analytics, and business-plan admins can access employees' encrypted files via a recovery master key.
View full analysis →