I’m not an expert but I’ll use this analogy.

Signal is you meeting a person who gives you secure devices. This person then can only ever provide the following information to someone else. From Signal website. “The phone number. the date and time a user registered with Signal and the last date of a user’s connectivity to the Signal service.” Only your device and your friends device can read the messages. It goes direct from you to them. The only way to read any message is having the device.

Telegram is like you making an agreement with another person. By default messages are encrypted but go to the other person for decryption before going to your friends device. This other person Telegram has and will give the phone number, messages, serverlogs, dates to legal entities by request. Now there is an option to bypass this person by using “secret chats” . This will make it so the message is directly from your device to their device. Telegram can’t read messages but as I understand they can still potentially have metadata, server logs of when messages are sent, how many, what device they are sent from. Bottomline is they have activity logs Signal can only provide the date you signed up and the last time you used the app. Not only that but just being on the Telegram platform which allows bots makes you a target. Bots will contact you like spam. Sending you harmful links, etc.

Almost every security person I’ve ever read says. “I use Signal”. Why wouldn’t you go with the service that by default has end to end encryption? Telegram makes it a option you have to select for each person. Both use your phone number.

These are very basic descriptions. I’m Happy to remove or update if I got anything wrong.

More signal encryption info