Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended |
|---|---|
Dec. 31, 2025 | |
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] | We have implemented and maintain various information security processes designed to identify, assess and manage material risks from cybersecurity threats to our critical computer networks, third party hosted services, communications systems, hardware and software, and our critical data, including intellectual property, confidential information that is proprietary, strategic or competitive in nature, and clinical trial data, or Information Systems and Data. Our information security function, legal team, and management board help identify, assess and manage the Company’s cybersecurity threats and risks. We identify and assess risks from cybersecurity threats by monitoring and evaluating our threat environment using various methods including, for example manual and automated tools, evaluating our and our industry’s risk profile, evaluating threats reported to us, audits, conducting threat assessments, and conducting tabletop incident response exercises. Depending on the environment, we implement and maintain various technical, physical, and organizational measures, processes, and policies designed to manage and mitigate material risks from cybersecurity threats to our Information Systems and Data, including, for example: an incident response plan, disaster recovery/business continuity plans, risk assessments, network security controls, access controls, vendor risk management processes, employee training, and written IT policies. Our assessment and management of material risks from cybersecurity threats are integrated into our overall risk management processes. For example, we prioritize and mitigate cybersecurity threats that we assess are more likely to lead to a material impact to our business. We use third-party service providers to assist us from time to time to identify, assess, and manage material risks from cybersecurity threats, including for example professional services firms, cybersecurity consultants, penetrating testing firms, and forensic investigators. We use third-party service providers to perform a variety of functions throughout our business, such as data hosting, contract research, and contract manufacturing. We have a vendor management program to manage cybersecurity risks associated with our use of these providers. Depending on the nature of the services provided, the sensitivity of the Information Systems and Data at issue, and the identity of the provider, our vendor management process may involve, for example, different assessments designed to help identify cybersecurity risks associated with a provider and imposing contractual obligations related to cybersecurity on the provider. For a description of the risks from cybersecurity threats that may materially affect the Company and how they may do so. See “Risk Factors—General Risks— If our data or information technology systems, or those of the third parties with whom we work, are or were compromised, we could experience adverse consequences resulting from such a compromise, including but not limited to, regulatory investigations or actions; litigation; fines and penalties; disruptions of our business operations; reputational harm; loss of revenue or profits; loss of customers or sales; and other adverse consequences.”
|
| Cybersecurity Risk Management Processes Integrated [Flag] | true |
| Cybersecurity Risk Management Processes Integrated [Text Block] | Our assessment and management of material risks from cybersecurity threats are integrated into our overall risk management processes. For example, we prioritize and mitigate cybersecurity threats that we assess are more likely to lead to a material impact to our business.
|
| Cybersecurity Risk Management Third Party Engaged [Flag] | true |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
| Cybersecurity Risk Board of Directors Oversight [Text Block] | Our board of directors addresses the Company’s cybersecurity risk management as part of its general oversight function. The board of directors’ audit and finance committee is responsible for overseeing Company’s cybersecurity risk management processes, including oversight and mitigation of risks from cybersecurity threats. |
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] | Our cybersecurity incident response processes are designed to escalate certain cybersecurity incidents to members of management depending on the circumstances, including to Messers. Arican, Pitzner and Hendriks, who work with the Company’s incident response team to help the Company mitigate and remediate cybersecurity incidents of which they are notified. In addition, the Company’s incident response process includes reporting to the audit of the board of directors for certain cybersecurity incidents. |
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] | The board receives periodic reports from Mr. Arican concerning the Company’s significant cybersecurity threats and risk and the processes the Company has implemented to address them. The board also receives various reports, summaries or presentations related to cybersecurity threats, risk and mitigation. |
| Cybersecurity Risk Role of Management [Text Block] | Our cybersecurity risk assessment and management processes are implemented and maintained by certain Company management, including: •Baris Arican, Vice President of Information Technology. Mr. Arican has over 20 years experience in information technology/security at life sciences companies, including as the Chief Information Officer. •Michael Pitzner, General Counsel and Compliance Officer and Senior Vice President of Legal and Business Development. Mr. Pitzner worked in various senior legal roles at other life sciences companies prior to joining our company. •Robert Hendriks, Senior Vice President Finance and Principal Financial Officer. Mr. Hendriks worked in various senior finance roles at other life sciences companies prior to joining our company. Company management is responsible for hiring appropriate personnel, communicating key priorities to relevant personnel, helping prepare for cybersecurity incidents, approving cybersecurity processes. Our cybersecurity incident response processes are designed to escalate certain cybersecurity incidents to members of management depending on the circumstances, including to Messers. Arican, Pitzner and Hendriks, who work with the Company’s incident response team to help the Company mitigate and remediate cybersecurity incidents of which they are notified. In addition, the Company’s incident response process includes reporting to the audit of the board of directors for certain cybersecurity incidents. The board receives periodic reports from Mr. Arican concerning the Company’s significant cybersecurity threats and risk and the processes the Company has implemented to address them. The board also receives various reports, summaries or presentations related to cybersecurity threats, risk and mitigation.
|
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true |
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] | Our cybersecurity risk assessment and management processes are implemented and maintained by certain Company management, including: •Baris Arican, Vice President of Information Technology. Mr. Arican has over 20 years experience in information technology/security at life sciences companies, including as the Chief Information Officer. •Michael Pitzner, General Counsel and Compliance Officer and Senior Vice President of Legal and Business Development. Mr. Pitzner worked in various senior legal roles at other life sciences companies prior to joining our company. •Robert Hendriks, Senior Vice President Finance and Principal Financial Officer. Mr. Hendriks worked in various senior finance roles at other life sciences companies prior to joining our company.
|
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] | Baris Arican, Vice President of Information Technology. Mr. Arican has over 20 years experience in information technology/security at life sciences companies, including as the Chief Information Officer. •Michael Pitzner, General Counsel and Compliance Officer and Senior Vice President of Legal and Business Development. Mr. Pitzner worked in various senior legal roles at other life sciences companies prior to joining our company. •Robert Hendriks, Senior Vice President Finance and Principal Financial Officer. Mr. Hendriks worked in various senior finance roles at other life sciences companies prior to joining our company.
|
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | Company management is responsible for hiring appropriate personnel, communicating key priorities to relevant personnel, helping prepare for cybersecurity incidents, approving cybersecurity processes. Our cybersecurity incident response processes are designed to escalate certain cybersecurity incidents to members of management depending on the circumstances, including to Messers. Arican, Pitzner and Hendriks, who work with the Company’s incident response team to help the Company mitigate and remediate cybersecurity incidents of which they are notified. In addition, the Company’s incident response process includes reporting to the audit of the board of directors for certain cybersecurity incidents. The board receives periodic reports from Mr. Arican concerning the Company’s significant cybersecurity threats and risk and the processes the Company has implemented to address them. The board also receives various reports, summaries or presentations related to cybersecurity threats, risk and mitigation.
|
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |