Telegram is actually worse because chats by default aren’t end-to-end encrypted, so the company can see everything you write unless you manually create an encrypted chat. WhatsApp’s chats are still end-to-end encrypted by default, despite the ToS changes.
The safest bets in my opinion should be other end-to-end encrypted messengers like Element (or any other client for the Matrix protocol), Wire, Signal, …
I think the killer feature for most people was simply that anyone whose number you had in your phone’s address book would, without any further configuration, become available as a WhatsApp contact if they, too, had installed the app. That made it usable even by people so unfamiliar with technology that the concept of creating an account was foreign to them. No password, no username, just your phone’s address book and the app, that’s it. Open IM technologies at the time like XMPP didn’t have this (at least to my knowledge), and even today, while Matrix has this feature via identity servers, it takes manual effort to set it up (as it should be, though it could be streamlined somewhat in Element AFAICT).