Go to Content

We are the flag of Portugal on the internet

Register DomainReserved Area

Quality and Information Security Policy

Mission

Ensure the correct operation and maintenance of .pt under a stable, resilient, and reliable technical infrastructure and management, pursuing a technological innovation policy oriented toward the needs of citizens and the national economic fabric, in compliance with the law and best digital practices.

Purpose

Promote the free and secure use of the internet, providing services of recognized excellence to the community, partners, and peers, and projecting Portugal's identity within the international digital ecosystem.

Values

  • Security
  • Transparency
  • Rigor
  • Ethic
  • Trust
  • Inclusion
  • Responsibility
  • Independence
  • Collaboration
  • Innovation

Commitment to Quality and Information Security

Within the scope of its operations, the .PT assumes and recognizes the fundamental need to commit to:

Reinforcing its partnership with the registrars, on a technical, legal and administrative level, achieving mutual benefits and, consequently, increasing the sustainable growth of domains registration and increasing the users and community satisfaction;

Promoting customer satisfaction, by providing an efficient and high quality service, based on simplifying and streamlining the registration process and reducing its costs;

Complying with international and national recommendations regarding the registration of domain names, management and maintenance requirements, both at a technical and administrative level. As well as, ensuring the compliance and safeguard of third party rights, particularly in terms of intellectual property;

Ensuring that the daily operations, as well as the long term and medium term plans and strategies, are  compliant with respective legal and regulatory requirements;

Valuing our human capital, by investing in improving employees’ skills, adopting policies that promote innovation, motivation, involvement and commitment to .PT's mission and goals; 

Ensure that networks, systems, technologies that support .PT activity operate with high levels of service and are kept technologically updated, and whenever vulnerabilities are identified, controls are implemented to protect the confidentiality, integrity, availability and privacy of the information;

Ensure that employees, providers and stakeholders are notified to comply with the security and privacy policies and requirements defined by .PT, and properly report any suspicion that the security or privacy of the information has been compromised. The .PT shall report to the relevant authorities high risk security incidents and any breach of personal data;

Ensure that the processing of personal data is carried out in a lawful, equitable, necessary and transparent manner, taking into account the existence of adequate technical and organizational measures to guarantee the authenticity, integrity and privacy of the data being processed, protecting the exercise of legally established rights.

Ensure business continuity by implementing measures to ensure the resilience of .PT against the adversity, and ensure the availability of information according to its typology, value and relevance, thus ensuring the maintenance and recovery of critical activities of the organization in a acceptable timeframe, minimizing the consequences of incidents for its stakeholders.

The .PT guides its operations to ensure its continuous improvement, by reviewing and updating its processes, policy and objectives, in line with international standards ISO 9001:2015 and ISO/IEC 27001:2022.

The .PT is open to communications and will continue to disclose its Policies, both internally and externally, keeping it current and available on its website www.pt.pt.

Exceptions

Any exception or deviation from this policy must be previously approved by .PT’s Board of Directors. Any deviation or non-compliance with this policy must be reported to .PT’s Security Manager via the email abuse@pt.pt.



Lisbon, 10 March 2025