Privacy policy
Last updated: 2026-04-27
What we collect
To operate Signal, we collect: account information you provide (name, email, company), the content you bring into Signal (data sources, files, conversations), telemetry about how you use the product (pages visited, features used, errors encountered), and standard server logs (IP address, browser info, timestamps). We do not sell, rent, or share this information with advertisers.
How we use it
Account data is used to authenticate you and to communicate with you about your account. Content data is used to operate Machines on your behalf — the data is read, processed, and stored in your tenant. Telemetry is used to operate, debug, and improve the product. We do not use your content to train shared foundation models, and we do not pool your content with other customers' content.
Where it lives
Signal hosts data in cloud regions selected by your account configuration (default: US). Per-tenant encryption keys are managed in our key-management service. Backups are encrypted and retained for the period described in your contract.
How long we keep it
Active account and content data is retained for as long as your account is active. On request, we delete content within 24 hours and propagate deletion to all backing stores. Account records associated with billing or legal obligations are retained for the period required by law.
Your rights
You can access, export, correct, and delete the data associated with your account. Requests should be sent to privacy@signal.ml. We respond within 30 days, or sooner if required by your jurisdiction.
Subprocessors
Signal uses a small set of trusted infrastructure providers (compute, storage, observability, payments). The current list, with each subprocessor's role and region, is available on request and will be published here in the final version of this policy.
Contact
Privacy questions: privacy@signal.ml. General contact: hello@signal.ml.