Cybersecurity Risk Management, Strategy and Governance	12 Months Ended
Dec. 31, 2025
Cybersecurity Risk Management, Strategy, and Governance [Line Items]
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]	ITEM 16K. CYBERSECURITY We rely on communications and information systems to conduct our business. In the ordinary course of business we collect and store sensitive data, including our own intellectual property and other proprietary business information and that of our collaboration partners, suppliers and business partners, as well as personally identifiable information of our employees in our data centers and on our networks or in the cloud. Cybersecurity Risk Management At Immatics N.V., cybersecurity risk management is an integral part of our overall enterprise risk management program. Our cybersecurity risk management program is based on industry best practices and provides a framework for handling cybersecurity threats and incidents, including threats and incidents associated with the use of applications developed and services provided by third-party service providers and facilitates coordination across different departments of our company. This framework includes steps for assessing the severity of a cybersecurity threat, identifying the source of a cybersecurity threat, including whether the cybersecurity threat is associated with a third-party service provider, implementing cybersecurity countermeasures and mitigation strategies and informing management and our Board of material cybersecurity threats and incidents. Our cybersecurity team also engages third-party security experts for risk assessment and system enhancements. The Center for Internet Security (“CIS”) has a cybersecurity program which has been designed to balance the need to conduct business and the need to protect confidential information. In addition, our cybersecurity team provides training to all employees. All employees are held accountable for maintaining cybersecurity through adherence to the Information Security Policy and IT Acceptable Use Policy. A mandatory Security Awareness Program is in place for all new hires and annual training for all employees. This includes policy acknowledgement, training videos and regular updates in company-wide meetings. Our Board has overall oversight responsibility for our risk management, and delegates cybersecurity risk management oversight to the Audit Committee. The Audit Committee is responsible for ensuring that management has processes in place designed to identify and evaluate cybersecurity risks to which the company is exposed and implement processes and programs to manage cybersecurity risks and mitigate cybersecurity incidents. The Audit Committee is provided security metrics on cybersecurity and data protection programs in accordance with the control framework established by the Center for Internet Security controls on a regular basis and also reports material cybersecurity risks to our full Board. Management is responsible for identifying, considering and assessing material cybersecurity risks on an ongoing basis, establishing processes to ensure that such potential cybersecurity risk exposures are monitored, putting in place appropriate mitigation measures and maintaining cybersecurity programs. Our cybersecurity programs are under the direction of our Chief Operating Officer, who receives reports through the Head of IT from our cybersecurity team and monitors the prevention, detection, mitigation and remediation of cybersecurity incidents. Management, including the COO, the Head of IT and our cybersecurity team, regularly update the Audit Committee on the Company’s cybersecurity programs, material cybersecurity risks and mitigation strategies and provide cybersecurity reports quarterly that cover, among other topics, developments in cybersecurity and updates to the company’s cybersecurity programs and mitigation strategies. Our Head of IT, who leads our cybersecurity function, holds a degree in computer science and has more than 20 years of experience in information technology, including managing IT systems and teams. Our cybersecurity team consists of two professionals, one with a degree in computer science and one with a formal IT apprenticeship, each with multiple years of experience in IT and cybersecurity-related roles, including security administration, monitoring and incident response support. In 2025, we did not identify any cybersecurity threats that have materially affected or are reasonably likely to materially affect our business strategy, results of operations or financial condition. However, despite our efforts, we cannot eliminate all risks from cybersecurity threats, or provide assurances that we have not experienced an undetected cybersecurity incident. For more information about these risks, please see “Risk Factors – Risks Related to Our Business and Industry” in this annual report on Form 20-F.
Cybersecurity Risk Management Third Party Engaged [Flag]	true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]	true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]	false
Cybersecurity Risk Board of Directors Oversight [Text Block]	Our Board has overall oversight responsibility for our risk management, and delegates cybersecurity risk management oversight to the Audit Committee. The Audit Committee is responsible for ensuring that management has processes in place designed to identify and evaluate cybersecurity risks to which the company is exposed and implement processes and programs to manage cybersecurity risks and mitigate cybersecurity incidents. The Audit Committee is provided security metrics on cybersecurity and data protection programs in accordance with the control framework established by the Center for Internet Security controls on a regular basis and also reports material cybersecurity risks to our full Board. Management is responsible for identifying, considering and assessing material cybersecurity risks on an ongoing basis, establishing processes to ensure that such potential cybersecurity risk exposures are monitored, putting in place appropriate mitigation measures and maintaining cybersecurity programs.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]	The Audit Committee is responsible for ensuring that management has processes in place designed to identify and evaluate cybersecurity risks to which the company is exposed and implement processes and programs to manage cybersecurity risks and mitigate cybersecurity incidents. The Audit Committee is provided security metrics on cybersecurity and data protection programs in accordance with the control framework established by the Center for Internet Security controls on a regular basis and also reports material cybersecurity risks to our full Board. Management is responsible for identifying, considering and assessing material cybersecurity risks on an ongoing basis, establishing processes to ensure that such potential cybersecurity risk exposures are monitored, putting in place appropriate mitigation measures and maintaining cybersecurity programs.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]	The Audit Committee is provided security metrics on cybersecurity and data protection programs in accordance with the control framework established by the Center for Internet Security controls on a regular basis and also reports material cybersecurity risks to our full Board. Management is responsible for identifying, considering and assessing material cybersecurity risks on an ongoing basis, establishing processes to ensure that such potential cybersecurity risk exposures are monitored, putting in place appropriate mitigation measures and maintaining cybersecurity programs.
Cybersecurity Risk Role of Management [Text Block]	Our cybersecurity programs are under the direction of our Chief Operating Officer, who receives reports through the Head of IT from our cybersecurity team and monitors the prevention, detection, mitigation and remediation of cybersecurity incidents. Management, including the COO, the Head of IT and our cybersecurity team, regularly update the Audit Committee on the Company’s cybersecurity programs, material cybersecurity risks and mitigation strategies and provide cybersecurity reports quarterly that cover, among other topics, developments in cybersecurity and updates to the company’s cybersecurity programs and mitigation strategies. Our Head of IT, who leads our cybersecurity function, holds a degree in computer science and has more than 20 years of experience in information technology, including managing IT systems and teams. Our cybersecurity team consists of two professionals, one with a degree in computer science and one with a formal IT apprenticeship, each with multiple years of experience in IT and cybersecurity-related roles, including security administration, monitoring and incident response support.
Cybersecurity Risk Management Positions or Committees Responsible [Flag]	true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]	Management, including the COO, the Head of IT and our cybersecurity team, regularly update the Audit Committee on the Company’s cybersecurity programs, material cybersecurity risks and mitigation strategies and provide cybersecurity reports quarterly that cover, among other topics, developments in cybersecurity and updates to the company’s cybersecurity programs and mitigation strategies. Our Head of IT, who leads our cybersecurity function, holds a degree in computer science and has more than 20 years of experience in information technology, including managing IT systems and teams. Our cybersecurity team consists of two professionals, one with a degree in computer science and one with a formal IT apprenticeship, each with multiple years of experience in IT and cybersecurity-related roles, including security administration, monitoring and incident response support.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]	Our Head of IT, who leads our cybersecurity function, holds a degree in computer science and has more than 20 years of experience in information technology, including managing IT systems and teams. Our cybersecurity team consists of two professionals, one with a degree in computer science and one with a formal IT apprenticeship, each with multiple years of experience in IT and cybersecurity-related roles, including security administration, monitoring and incident response support.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]	Our cybersecurity programs are under the direction of our Chief Operating Officer, who receives reports through the Head of IT from our cybersecurity team and monitors the prevention, detection, mitigation and remediation of cybersecurity incidents.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]	true

Cybersecurity Risk Management, Strategy and Governance

12 Months Ended

Dec. 31, 2025

Cybersecurity Risk Management, Strategy, and Governance [Line Items]

Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

ITEM 16K. CYBERSECURITY

We rely on communications and information systems to conduct our business. In the ordinary course of business we collect and store sensitive data, including our own intellectual property and other proprietary business information and that of our collaboration partners, suppliers and business partners, as well as personally identifiable information of our employees in our data centers and on our networks or in the cloud.

Cybersecurity Risk Management

At Immatics N.V., cybersecurity risk management is an integral part of our overall enterprise risk management program. Our cybersecurity risk management program is based on industry best practices and provides a framework for handling cybersecurity threats and incidents, including threats and incidents associated with the use of applications developed and services provided by third-party service providers and facilitates coordination across different departments of our company. This framework includes steps for assessing the severity of a cybersecurity threat, identifying the source of a cybersecurity threat, including whether the cybersecurity threat is associated with a third-party service provider, implementing cybersecurity countermeasures and mitigation strategies and informing management and our Board of material cybersecurity threats and incidents. Our cybersecurity team also engages third-party security experts for risk assessment and system enhancements. The Center for Internet Security (“CIS”) has a cybersecurity program which has been designed to balance the need to conduct business and the need to protect confidential information. In addition, our cybersecurity team provides training to all employees. All employees are held accountable for maintaining cybersecurity through adherence to the Information Security Policy and IT Acceptable Use Policy. A mandatory Security Awareness Program is in place for

all new hires and annual training for all employees. This includes policy acknowledgement, training videos and regular updates in company-wide meetings.

Our Board has overall oversight responsibility for our risk management, and delegates cybersecurity risk management oversight to the Audit Committee. The Audit Committee is responsible for ensuring that management has processes in place designed to identify and evaluate cybersecurity risks to which the company is exposed and implement processes and programs to manage cybersecurity risks and mitigate cybersecurity incidents. The Audit Committee is provided security metrics on cybersecurity and data protection programs in accordance with the control framework established by the Center for Internet Security controls on a regular basis and also reports material cybersecurity risks to our full Board. Management is responsible for identifying, considering and assessing material cybersecurity risks on an ongoing basis, establishing processes to ensure that such potential cybersecurity risk exposures are monitored, putting in place appropriate mitigation measures and maintaining cybersecurity programs.

Our cybersecurity programs are under the direction of our Chief Operating Officer, who receives reports through the Head of IT from our cybersecurity team and monitors the prevention, detection, mitigation and remediation of cybersecurity incidents. Management, including the COO, the Head of IT and our cybersecurity team, regularly update the Audit Committee on the Company’s cybersecurity programs, material cybersecurity risks and mitigation strategies and provide cybersecurity reports quarterly that cover, among other topics, developments in cybersecurity and updates to the company’s cybersecurity programs and mitigation strategies. Our Head of IT, who leads our cybersecurity function, holds a degree in computer science and has more than 20 years of experience in information technology, including managing IT systems and teams. Our cybersecurity team consists of two professionals, one with a degree in computer science and one with a formal IT apprenticeship, each with multiple years of experience in IT and cybersecurity-related roles, including security administration, monitoring and incident response support.

In 2025, we did not identify any cybersecurity threats that have materially affected or are reasonably likely to materially affect our business strategy, results of operations or financial condition. However, despite our efforts, we cannot eliminate all risks from cybersecurity threats, or provide assurances that we have not experienced an undetected cybersecurity incident. For more information about these risks, please see “Risk Factors – Risks Related to Our Business and Industry” in this annual report on Form 20-F.

Cybersecurity Risk Management Third Party Engaged [Flag]

true

Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]

true

Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]

false

Cybersecurity Risk Board of Directors Oversight [Text Block]

Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]

The Audit Committee is responsible for ensuring that management has processes in place designed to identify and evaluate cybersecurity risks to which the company is exposed and implement processes and programs to manage cybersecurity risks and mitigate cybersecurity incidents. The Audit Committee is provided security metrics on cybersecurity and data protection programs in accordance with the control framework established by the Center for Internet Security controls on a regular basis and also reports material cybersecurity risks to our full Board. Management is responsible for identifying, considering and assessing material cybersecurity risks on an ongoing basis, establishing processes to ensure that such potential cybersecurity risk exposures are monitored, putting in place appropriate mitigation measures and maintaining cybersecurity programs.

Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]

The Audit Committee is provided security metrics on cybersecurity and data protection programs in accordance with the control framework established by the Center for Internet Security controls on a regular basis and also reports material cybersecurity risks to our full Board. Management is responsible for identifying, considering and assessing material cybersecurity risks on an ongoing basis, establishing processes to ensure that such potential cybersecurity risk exposures are monitored, putting in place appropriate mitigation measures and maintaining cybersecurity programs.

Cybersecurity Risk Role of Management [Text Block]

Cybersecurity Risk Management Positions or Committees Responsible [Flag]

true

Cybersecurity Risk Management Positions or Committees Responsible [Text Block]

Management, including the COO, the Head of IT and our cybersecurity team, regularly update the Audit Committee on the Company’s cybersecurity programs, material cybersecurity risks and mitigation strategies and provide cybersecurity reports quarterly that cover, among other topics, developments in cybersecurity and updates to the company’s cybersecurity programs and mitigation strategies. Our Head of IT, who leads our cybersecurity function, holds a degree in computer science and has more than 20 years of experience in information technology, including managing IT systems and teams. Our cybersecurity team consists of two professionals, one with a degree in computer science and one with a formal IT apprenticeship, each with multiple years of experience in IT and cybersecurity-related roles, including security administration, monitoring and incident response support.

Cybersecurity Risk Management Expertise of Management Responsible [Text Block]

Our Head of IT, who leads our cybersecurity function, holds a degree in computer science and has more than 20 years of experience in information technology, including managing IT systems and teams. Our cybersecurity team consists of two professionals, one with a degree in computer science and one with a formal IT apprenticeship, each with multiple years of experience in IT and cybersecurity-related roles, including security administration, monitoring and incident response support.

Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]

Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]

true