Actually a company based out of US jurisdiction and using TLS certs should be "safe" to use assuming they don't voluntarily share your info with any governments. It is expo exponentially harder to compel a country to compel a company to give up info.

Or you an use Off The Record Messaging which has perfect forward secrecy.