I do not typically recommend the Telegram application for private messaging, neither to technical neophytes nor to those of us more advanced in the ways of InfoSec.
Especially because any people who would be willing to get a more secure messaging application might as well get an app backed by more solid encryption & a UX with more secure defaults. Which Telegram is, well, not.
I have come across some reviews of Telegram's implementation. The Telegram creators "rolled their own" custom built encryption algorithm, and made some questionable choices in the process.
Chats are not encrypted by default.
Telegram developers can in overwhelming majority of cases read peoples' messages. And I have heard rumors, though I cannot confirm them, that some Telegram server operators have begun to exercise some minimal editorial prerogatives by monitoring and removal of content they deem objectionable. Perhaps there's a rationale for that, but "we find your message content objectionable" doesn't reassure me that my message content is private.
TLDR: Telegram's private chats are more secure than SMS, and have, by dint of hard work, earn the coveted "banned in Russia/Iran" stamp of approval. But Telegram's relatively good UI hides a relatively questionable underlying implementation.
It's not just me. Others are skeptical of Telegram's underlying security as well, especially in comparison to applications designed for the purpose of keeping message content private by default, like Signal Private Messenger or Keybase.
Links that at least good for showing "I'm not the only grumpy troll out there who's skeptical of this BS.":