Signal vs Tuta
Based on our analysis, Tuta is the more privacy-respecting choice overall.
BACK →| Category | Signal | Tuta |
|---|---|---|
| Overall | A · 87/100 | A · 91/100 |
| What they collect | Positive (88) | Positive (90) |
| Who they share it with | Positive (88) | Positive (88) |
| What you can do | Mixed (78) | Positive (87) |
| What they promise | Positive (86) | Positive (91) |
Signal is a nonprofit that genuinely cannot read your messages or listen to your calls — the encryption is architectural, not a promise — but it requires a real phone number to register, is subject to US law, and its privacy policy is conspicuously sparse: it hasn't been substantively updated since 2018 and lacks the specific retention periods, GDPR rights, or DPO contact that more thorough policies provide.
View full analysis →Tuta is a German E2E-encrypted email service that genuinely can't read your emails, stores all data in ISO 27001-certified German data centres, uses no cookies and no third-party analytics, and has a policy short enough to actually read — the main caveats are that some metadata (sender/recipient addresses, timestamps) is stored unencrypted, and campaign tracking via hashed connection data is present.
View full analysis →