HTTPS only protects you from MiM (man in the middle) attackers. It doesn’t protect either end of the conversation from the other.

Imagine conversing with someone trough post. Your envelopes are such that nobody can open them except you and that person can open or seal them. When you send a letter, you know only the intended recipient will be able to read it. When you receive a sealed letter, you know only that person could have sealed it. You know none is compromising or reading the conversation. This doesn’t prevent the person you are talking with (which would be mr. Facebook in this case) from keeping data about you (which you’re sending), or even trying to scam you in some way.