Nowadays, a majority of apps require you to sign up with your email or even worse your phone number. If you have a phone number attached to your name, meaning you went to a cell service/phone provider, and you gave them your ID, then no matter what app you use, no matter how private it says it is, it is not private. There is NO exception to this. Your identity is instantly tied to that account.
Signal is not private. I recommend Simplex or another peer to peer onion messaging app. They don’t require email or phone number. So as long as you protect your IP you are anonymous
This means nothing when you have no idea what code the server is running, they even went a whole year without publishing their server code updates, until they got a lot of backlash over it. Real security doesn’t require a “just trust us” claim.
Also, metadata is content. Even if they don’t have the message text, Signal still has the real identities of everyone you talked to, and when. With that you can build social network graphs, which are far easier to harvest and more useful anyway than trying to read through message content and determine meaning.