This is Signal's combined Terms of Service and Privacy Policy, covering how the company handles your messages, calls, phone number, and account data when you use the Signal app. The most important thing to know is that Signal cannot read your messages or listen to your calls because everything is end-to-end encrypted — and Signal explicitly states it will never sell or monetize your personal data. Your phone number is required to create an account and is shared with third-party providers for verification purposes, so be aware that some minimal account data does leave Signal's systems.
Technical Summary
This document governs use of Signal Messenger LLC's private messaging and calling services, establishing contractual terms and data practices under California law with no explicit GDPR or CCPA legal basis articulations. The most significant obligations include Signal's categorical commitment to never sell, rent, or monetize personal data, and its technical architecture ensuring end-to-end encryption that prevents even Signal itself from accessing message content. Notably, the document imposes a $100 aggregate liability cap on all claims against Signal — an unusually low ceiling for a communications service — and requires all disputes to be resolved exclusively in California federal or state courts, with no arbitration clause or class action waiver present. The policy engages GDPR, CCPA, COPPA (minimum age 13), and FTC Act Section 5 frameworks, though it lacks explicit GDPR legal basis statements, data subject rights procedures, or a Data Protection Officer designation required for EU compliance. The effective date of May 25, 2018 coincides with GDPR enforcement commencement but the document does not address EU-specific rights such as erasure, portability, or objection, creating material compliance gaps for European user populations.
If Signal causes you any harm — no matter how serious — the most you can ever recover from them in total is $100, and you cannot claim lost profits or other consequential damages.
If you ever want to sue Signal or have a legal dispute, you must do so in California courts only, no matter where you live in the world, and California law applies to the dispute.
You must provide a real phone number to use Signal, and Signal or its partners will send you verification texts or calls to that number when you sign up.
If you allow it, Signal can check your phone's address book contacts to see which ones use Signal, by sending scrambled (hashed) versions of your contacts' phone numbers to Signal's servers.
Signal can change its rules at any time, and simply by continuing to use the app after a change, you are automatically agreeing to the new rules — even if you didn't read them.
Signal can suspend or permanently close your account at any time for any reason, including vague reasons like creating 'risk' for Signal, and you have no appeal process described.
Signal is technically unable to read your messages or listen to your calls because of how encryption works — your message history lives on your device, not Signal's servers.