-
Other audit services
We help clients with the application and use of foreign financial aid of EU and other funds and help prepare financial reports.
-
Audit calculator
The calculator will answer if the company's sales revenue, assets or number of employees exceed the limit of an inspection or audit.
-
Payroll and related services
We perform payroll accounting for companies whether they employ a few or hundreds of employees.
-
Tax accounting
Grant Thornton Baltic's experienced tax specialists support accountants and offer reasonable and practical solutions.
-
Reporting
We prepare annual reports in a timely manner. We help to prepare management reports and various mandatory reports.
-
Consolidation of financial statements
Our experienced accountants and advisors help you prepare consolidation tables and make the consolidation process more efficient.
-
Consultancy and temporary staff
Our experienced specialists advise on more complex accounting transactions, rectify poor historic accounting, and offer the temporary replacement of an accountant.
-
Outsourced CFO service
Our CFO service is suitable for companies of all sizes and in all industries. We offer services to our clients in the required amount and competences.
-
Assessment of accounting processes
We help companies to implement accounting practices that are in compliance with local and international standards.
-
Accounting services for small businesses
We offer affordable service for small businesses. We help organize processes as smartly and cost-effectively as possible.
-
Cryptocurrency accounting
We keep up with blockchain technology to serve and advise crypto companies. We are supported by a network of colleagues in 130 countries.
-
Trainings and seminars
Our accountants have experience in all matters related to accounting and reporting. We offer our clients professional training according to their needs.
-
Business advisory
We offer legal support to both start-ups and expanding companies, making sure that all legal steps are well thought out in detail.
-
Fintech advisory
Our specialists advise payment institutions, virtual currency service providers and financial institutions.
-
Corporate advisory
We advise on legal, tax and financial matters necessary for better management of the company's legal or organizational structure.
-
Transaction advisory
We provide advice in all aspects of the transaction process.
-
Legal due diligence
We thoroughly analyze the internal documents, legal relations, and business compliance of the company to be merged or acquired.
-
In-house lawyer service
The service is intended for entrepreneurs who are looking for a reliable partner to solve the company's day-to-day legal issues.
-
The contact person service
We offer a contact person service to Estonian companies with a board located abroad.
-
Training
We organize both public trainings and tailor made trainings ordered by clients on current legal and tax issues.
-
Whistleblower channel
At Grant Thornton Baltic, we believe that a well-designed and effective reporting channel is an efficient way of achieving trustworthiness.
-
Business model or strategy renewal
In order to be successful, every company, regardless of the size of the organization, must have a clear strategy, ie know where the whole team is heading.
-
Marketing and brand strategy; creation and updating of the client management system
We support you in updating your marketing and brand strategy and customer management system, so that you can adapt in this time of rapid changes.
-
Coaching and development support
A good organizational culture is like a trump card for a company. We guide you how to collect trump cards!
-
Digital services
Today, the question is not whether to digitize, but how to do it. We help you develop and implement smart digital solutions.
-
Sales organisation development
Our mission is to improve our customers' business results by choosing the right focuses and providing a clear and systematic path to a solution.
-
Business plan development
A good business plan is a guide and management tool for an entrepreneur, a source of information for financial institutions and potential investors to make financial decisions.
-
Due diligence
We perform due diligence so that investors can get a thorough overview of the company before the planned purchase transaction.
-
Mergers and acquisitions
We provide advice in all aspects of the transaction process.
-
Valuation services
We estimate the company's market value, asset value and other asset groups based on internationally accepted methodology.
-
Forensic expert services
Our experienced, nationally recognized forensic experts provide assessments in the economic and financial field.
-
Business plans and financial forecasts
The lack of planning and control of cash resources is the reason often given for the failure of many businesses. We help you prepare proper forecasts to reduce business risks.
-
Outsourced CFO service
Our CFO service is suitable for companies of all sizes and in all industries. We offer services to our clients in the required amount and competences.
-
Reorganization
Our experienced reorganizers offer ways to overcome the company's economic difficulties and restore liquidity in order to manage sustainably in the future.
-
Restructuring and reorganisation
We offer individual complete solutions for reorganizing the structure of companies.
-
Corporate taxation
We advise on all matters related to corporate taxation.
-
Value added tax and other indirect taxes
We have extensive knowledge in the field of VAT, excise duties and customs, both on the national and international level.
-
International taxation
We advise on foreign tax systems and international tax regulations, including the requirements of cross-border reporting.
-
Transfer pricing
We help plan and document all aspects of a company's transfer pricing strategy.
-
Taxation of transactions
We plan the tax consequences of a company's acquisition, transfer, refinancing, restructuring, and listing of bonds or shares.
-
Taxation of employees in cross-border operations
An employee of an Estonian company abroad and an employee of a foreign company in Estonia - we advise on tax rules.
-
Tax risk audit
We perform a risk audit that helps diagnose and limit tax risks and optimize tax obligations.
-
Representing the client in Tax Board
We prevent tax problems and ensure smooth communication with the Tax and Customs Board.
-
Taxation of private individuals
We advise individuals on personal income taxation issues and, represent the client in communication with the Tax and Customs Board.
-
Pan-Baltic tax system comparison
Our tax specialists have prepared a comparison of the tax systems of the Baltic countries regarding the taxation of companies and individuals.
-
Internal audit
We assist you in performing the internal audit function, performing internal audits and advisory work, evaluating governance, and conducting training.
-
Internal Audit in the Financial Services Sector
We provide internal audit services to financial sector companies. We can support the creation of an internal audit function already when applying for a sectoral activity license.
-
Audit of projects
We conduct audits of projects that have received European Union funds, state aid, foreign aid, or other grants.
-
Prevention of money laundering
We help to prepare a money laundering risk assessment and efficient anti-money laundering procedures, conduct internal audits and training.
-
Risk assessment and risk management
We advise you on conducting a risk assessment and setting up a risk management system.
-
Custom tasks
At the request of the client, we perform audits, inspections and analyzes with a specific purpose and scope.
-
External Quality Assessment of the Internal Audit Activity
We conduct an external evaluation of the quality of the internal audit or provide independent assurance on the self-assessment.
-
Whistleblowing and reporting misconduct
We can help build the whistleblowing system, from implementation, internal repairs and staff training to the creation of a reporting channel and case management.
-
Information security management
We provide you with an information security management service that will optimise resources, give you an overview of the security situation and ensure compliance with the legislation and standards.
-
Information security roadmap
We analyse your organisation to understand which standards or regulations apply to your activities, identify any gaps and make proposals to fix them.
-
Internal audit of information security
Our specialists help detect and correct information security deficiencies by verifying an organization's compliance with legislation and standards.
-
Third party management
Our specialists help reduce the risks associated with using services provided by third parties.
-
Information security training
We offer various training and awareness building programmes to ensure that all parties are well aware of the information security requirements, their responsibilities when choosing a service provider and their potential risks.
-
ESG advisory
We help solve issues related to the environment, social capital, employees, business model and good management practices.
-
ESG audit
Our auditors review and certify sustainability reports in line with international standards.
-
Sustainable investments
We help investors conduct analysis of companies they’re interested in, examining environmental topics, corporate social responsibility and good governance practices.
-
Sustainable tax behaviour
Our international taxation specialists define the concept of sustainable tax behaviour and offer services for sustainable tax practices.
-
ESG manager service
Your company doesn’t necessarily need an in-house ESG manager. This role can also be outsourced as a service.
-
Recruitment services – personnel search
We help fill positions in your company with competent and dedicated employees who help realize the company's strategic goals.
-
Recruitment support services
Support services help to determine whether the candidates match the company's expectations. The most used support services are candidate testing and evaluation.
-
Implementation of human resource management processes
We either assume a full control of the launch of processes related to HR management, or we are a supportive advisory partner for the HR manager.
-
Audit of HR management processes
We map the HR management processes and provide an overview of how to assess the health of the organization from the HR management perspective.
-
HR Documentation and Operating Model Advisory Services work
We support companies in setting up HR documentation and operational processes with a necessary quality.
-
Employee Surveys
We help to carry out goal-oriented and high-quality employee surveys. We analyse the results, make reports, and draw conclusions.
-
HR Management outsourcing
We offer both temporary and permanent/long-term HR manager services to companies.
-
Digital strategy
We help assess the digital maturity of your organization, create a strategy that matches your needs and capabilities, and develop key metrics.
-
Intelligent automation
We aid you in determining your business’ needs and opportunities, as well as model the business processes to provide the best user experience and efficiency.
-
Business Intelligence
Our team of experienced business analysts will help you get a grip on your data by mapping and structuring all the data available.
-
Cybersecurity
A proactive cyber strategy delivers you peace of mind, allowing you to focus on realising your company’s growth potential.
-
Innovation as a Service
On average, one in four projects fails and one in two needs changes. We help manage the innovation of your company's digital solutions!
A year has passed since the General Data Protection Regulation (GDPR) entered into force on 25 May 2018. The main purpose of the regulation is, in the age of pervasive smartphones, social media and online banking, to give individuals more control over what data about them is processed.
The GDPR also applies to employment relations where the employer processes personal data of employees.
A reminder – what is personal data?
Personal data relates to an identified or identifiable natural person who can be identified, directly or indirectly, by reference to their physical, psychological, physiological, economic, cultural or social traits, relations and affiliation. Personal data is all data that can be directly or indirectly linked to the individual. Pursuant to the GDPR, personal data is categorised as general and special category data. General category data includes the individual’s name, personal code (ID code) or date of birth, place of residence, the person’s image, including security camera recordings etc.
Special categories of personal data is information about race or ethnic origin, political opinions, religious or philosophical beliefs, genetic data, biometric data, health records or data about the individual’s sex life or sexual orientation.
Processing of personal data in employment relations
To process personal data, the employer must define the purpose of processing – specify why and on what lawful basis the personal data is processed.
There are two lawful bases for processing an employee’s personal data – performance of a contract and employers’ compliance with legal obligations. As the data controller the employer must ensure that the personal data is processed in compliance with the GDPR and other applicable legislation.
Personal data processing in recruitment
To what extent may a job applicant’s personal data be processed in the recruitment process? Do the applicants need to give their consent for a background check? Can social media be used to gather information about an applicant? These are some of the many questions that arise in regard to processing of personal data in the recruitment process.
An employer may process personal data that the applicant has submitted to the employer in the recruitment process – their CV and related documents (such as recommendations from a former employer, documents certifying education etc.).
Prerequisites for a background check
Does an employer have the right to use social media to collect information on applicants or employees? They must make sure to use only appropriate channels and information disclosed by the applicant themselves. If a person has published information about themselves on a public website or a blog and the information comes up in a simple internet search, a separate consent doesn’t need to be asked. Checking an employee’s Facebook profile is also allowed as long as only the publicly available data is viewed. Prior consent from an employee or an applicant is needed if the employer contacts their friend or current employer to get references and/or feedback.
It would be wise for an employer to include the company’s privacy notice in a job ad. The privacy notice needs to state how the company processes personal data in the recruitment process, what the purpose of processing is, what the legal basis for processing is and the terms of data retention. It is recommended to keep CVs collected in the recruitment process for one year after the end of the recruitment, as based on the Equal Treatment Act, job seekers can claim discrimination and may challenge decisions to turn them down for a position. Thus, employers have a legitimate interest to retain data until the end of dispute period.
Consent as a lawful base of processing employees personal
The consent is only one of the lawful bases set forth in the GDPR for enabling processing of personal data. Consent as a lawful basis in employment can be used as an exception not a rule as an employer has the power in employment relationship and employee’s consent wouldn’t freely given nor retractable. As said above, the lawful basis for processing personal data in an employment relationship is performance of contract or the employer’s legal obligation.
By its nature, consent must as easily retractable as given at any time, so an employer asking an employee’s is consent to sign their employment contract is entirely incorrect. For the purposes of concluding an employment contract, the employer processes the employee’s personal data for performance of a contract, which means that there is already a lawful basis for processing and it would be misleading to ask for additional consent.
If asked for consent, the employee has the right to withdraw their consent at any time – when in fact even if they do “withdraw” consent, the employer still is obliged by law to process the personal data. As an example, consider a situation where the employee withdraws consent upon termination of employment relationship and asks the employer to delete their personal data. The employer has a legal obligation to retain the employment contract for 10 years and the actual lawful basis for processing in this case is in fact fulfilling legal obligation and is not dependent on consent.
Consent in employment relationships can be used to regulate issues pertaining to internal procedure, such as publication of employee’s picture on the website, posting their date of birth on the intranet, processing a child’s personal data for arranging Christmas gifts etc.
To retain job applicants CVs collected in recruitment, for example to notify them of potential vacancies, applicants must give their consent.
The employer must operate in a legally correct manner
To sum up, it is important for employers to make sure they are up to date with personal data protection rules to ensure the proper processing of personal data in the company and avoid any costly legal problems.
The employer is the controller of the employee’s personal data and as such the employer is obliged to notify the employee of the purpose of processing, the lawful bases of processing and the retention periods of personal data. To achieve this, we advise reviewing the company’s internal procedures, where the above-mentioned principles and purposes of processing should be detailed. Furthemore, any changes in internal procedure need to be introduced to employees. The internal rules of work also need to include when the employer has the right to check the content of employees work email accounts or how access to devices and systems is organised. It is also very important to train employees to process personal data securely and ensure that they know what types of employee personal data the employer processes.
Related services:
Data Privacy Payroll and labour law Legal advisory