-
Other audit services
We help clients with the application and use of foreign financial aid of EU and other funds and help prepare financial reports.
-
Audit calculator
The calculator will answer if the company's sales revenue, assets or number of employees exceed the limit of an inspection or audit.
-
Payroll and related services
We perform payroll accounting for companies whether they employ a few or hundreds of employees.
-
Tax accounting
Grant Thornton Baltic's experienced tax specialists support accountants and offer reasonable and practical solutions.
-
Reporting
We prepare annual reports in a timely manner. We help to prepare management reports and various mandatory reports.
-
Consolidation of financial statements
Our experienced accountants and advisors help you prepare consolidation tables and make the consolidation process more efficient.
-
Consultancy and temporary staff
Our experienced specialists advise on more complex accounting transactions, rectify poor historic accounting, and offer the temporary replacement of an accountant.
-
Outsourced CFO service
Our CFO service is suitable for companies of all sizes and in all industries. We offer services to our clients in the required amount and competences.
-
Assessment of accounting processes
We help companies to implement accounting practices that are in compliance with local and international standards.
-
Accounting services for small businesses
We offer affordable service for small businesses. We help organize processes as smartly and cost-effectively as possible.
-
Cryptocurrency accounting
We keep up with blockchain technology to serve and advise crypto companies. We are supported by a network of colleagues in 130 countries.
-
Trainings and seminars
Our accountants have experience in all matters related to accounting and reporting. We offer our clients professional training according to their needs.
-
Business advisory
We offer legal support to both start-ups and expanding companies, making sure that all legal steps are well thought out in detail.
-
Fintech advisory
Our specialists advise payment institutions, virtual currency service providers and financial institutions.
-
Corporate advisory
We advise on legal, tax and financial matters necessary for better management of the company's legal or organizational structure.
-
Transaction advisory
We provide advice in all aspects of the transaction process.
-
Legal due diligence
We thoroughly analyze the internal documents, legal relations, and business compliance of the company to be merged or acquired.
-
In-house lawyer service
The service is intended for entrepreneurs who are looking for a reliable partner to solve the company's day-to-day legal issues.
-
The contact person service
We offer a contact person service to Estonian companies with a board located abroad.
-
Training
We organize both public trainings and tailor made trainings ordered by clients on current legal and tax issues.
-
Whistleblower channel
At Grant Thornton Baltic, we believe that a well-designed and effective reporting channel is an efficient way of achieving trustworthiness.
-
Business model or strategy renewal
In order to be successful, every company, regardless of the size of the organization, must have a clear strategy, ie know where the whole team is heading.
-
Marketing and brand strategy; creation and updating of the client management system
We support you in updating your marketing and brand strategy and customer management system, so that you can adapt in this time of rapid changes.
-
Coaching and development support
A good organizational culture is like a trump card for a company. We guide you how to collect trump cards!
-
Digital services
Today, the question is not whether to digitize, but how to do it. We help you develop and implement smart digital solutions.
-
Sales organisation development
Our mission is to improve our customers' business results by choosing the right focuses and providing a clear and systematic path to a solution.
-
Business plan development
A good business plan is a guide and management tool for an entrepreneur, a source of information for financial institutions and potential investors to make financial decisions.
-
Due diligence
We perform due diligence so that investors can get a thorough overview of the company before the planned purchase transaction.
-
Mergers and acquisitions
We provide advice in all aspects of the transaction process.
-
Valuation services
We estimate the company's market value, asset value and other asset groups based on internationally accepted methodology.
-
Forensic expert services
Our experienced, nationally recognized forensic experts provide assessments in the economic and financial field.
-
Business plans and financial forecasts
The lack of planning and control of cash resources is the reason often given for the failure of many businesses. We help you prepare proper forecasts to reduce business risks.
-
Outsourced CFO service
Our CFO service is suitable for companies of all sizes and in all industries. We offer services to our clients in the required amount and competences.
-
Reorganization
Our experienced reorganizers offer ways to overcome the company's economic difficulties and restore liquidity in order to manage sustainably in the future.
-
Restructuring and reorganisation
We offer individual complete solutions for reorganizing the structure of companies.
-
Corporate taxation
We advise on all matters related to corporate taxation.
-
Value added tax and other indirect taxes
We have extensive knowledge in the field of VAT, excise duties and customs, both on the national and international level.
-
International taxation
We advise on foreign tax systems and international tax regulations, including the requirements of cross-border reporting.
-
Transfer pricing
We help plan and document all aspects of a company's transfer pricing strategy.
-
Taxation of transactions
We plan the tax consequences of a company's acquisition, transfer, refinancing, restructuring, and listing of bonds or shares.
-
Taxation of employees in cross-border operations
An employee of an Estonian company abroad and an employee of a foreign company in Estonia - we advise on tax rules.
-
Tax risk audit
We perform a risk audit that helps diagnose and limit tax risks and optimize tax obligations.
-
Representing the client in Tax Board
We prevent tax problems and ensure smooth communication with the Tax and Customs Board.
-
Taxation of private individuals
We advise individuals on personal income taxation issues and, represent the client in communication with the Tax and Customs Board.
-
Pan-Baltic tax system comparison
Our tax specialists have prepared a comparison of the tax systems of the Baltic countries regarding the taxation of companies and individuals.
-
Internal audit
We assist you in performing the internal audit function, performing internal audits and advisory work, evaluating governance, and conducting training.
-
Internal Audit in the Financial Services Sector
We provide internal audit services to financial sector companies. We can support the creation of an internal audit function already when applying for a sectoral activity license.
-
Audit of projects
We conduct audits of projects that have received European Union funds, state aid, foreign aid, or other grants.
-
Prevention of money laundering
We help to prepare a money laundering risk assessment and efficient anti-money laundering procedures, conduct internal audits and training.
-
Risk assessment and risk management
We advise you on conducting a risk assessment and setting up a risk management system.
-
Custom tasks
At the request of the client, we perform audits, inspections and analyzes with a specific purpose and scope.
-
External Quality Assessment of the Internal Audit Activity
We conduct an external evaluation of the quality of the internal audit or provide independent assurance on the self-assessment.
-
Whistleblowing and reporting misconduct
We can help build the whistleblowing system, from implementation, internal repairs and staff training to the creation of a reporting channel and case management.
-
Information security management
We provide you with an information security management service that will optimise resources, give you an overview of the security situation and ensure compliance with the legislation and standards.
-
Information security roadmap
We analyse your organisation to understand which standards or regulations apply to your activities, identify any gaps and make proposals to fix them.
-
Internal audit of information security
Our specialists help detect and correct information security deficiencies by verifying an organization's compliance with legislation and standards.
-
Third party management
Our specialists help reduce the risks associated with using services provided by third parties.
-
Information security training
We offer various training and awareness building programmes to ensure that all parties are well aware of the information security requirements, their responsibilities when choosing a service provider and their potential risks.
-
ESG advisory
We help solve issues related to the environment, social capital, employees, business model and good management practices.
-
ESG audit
Our auditors review and certify sustainability reports in line with international standards.
-
Sustainable investments
We help investors conduct analysis of companies they’re interested in, examining environmental topics, corporate social responsibility and good governance practices.
-
Sustainable tax behaviour
Our international taxation specialists define the concept of sustainable tax behaviour and offer services for sustainable tax practices.
-
ESG manager service
Your company doesn’t necessarily need an in-house ESG manager. This role can also be outsourced as a service.
-
Recruitment services – personnel search
We help fill positions in your company with competent and dedicated employees who help realize the company's strategic goals.
-
Recruitment support services
Support services help to determine whether the candidates match the company's expectations. The most used support services are candidate testing and evaluation.
-
Implementation of human resource management processes
We either assume a full control of the launch of processes related to HR management, or we are a supportive advisory partner for the HR manager.
-
Audit of HR management processes
We map the HR management processes and provide an overview of how to assess the health of the organization from the HR management perspective.
-
HR Documentation and Operating Model Advisory Services work
We support companies in setting up HR documentation and operational processes with a necessary quality.
-
Employee Surveys
We help to carry out goal-oriented and high-quality employee surveys. We analyse the results, make reports, and draw conclusions.
-
HR Management outsourcing
We offer both temporary and permanent/long-term HR manager services to companies.
-
Digital strategy
We help assess the digital maturity of your organization, create a strategy that matches your needs and capabilities, and develop key metrics.
-
Intelligent automation
We aid you in determining your business’ needs and opportunities, as well as model the business processes to provide the best user experience and efficiency.
-
Business Intelligence
Our team of experienced business analysts will help you get a grip on your data by mapping and structuring all the data available.
-
Cybersecurity
A proactive cyber strategy delivers you peace of mind, allowing you to focus on realising your company’s growth potential.
-
Innovation as a Service
On average, one in four projects fails and one in two needs changes. We help manage the innovation of your company's digital solutions!
Author: Indrek Keis
Video recordings are also used for commercial and other purposes, but this article will focus on the purpose for providing security in organizations – keeping property and persons safe. I will list the main activities that help organizations reduce the negative consequences of using video surveillance and the possibility that they might have to resolve complaints or get a citation from an oversight body.
Activities preceding video recording
Who is responsible? First of all, it is necessary to specify the actual entity who is responsible, meaning the organization that ensures the legitimacy of use of video surveillance. The responsible organization may not always be obvious because more than one organization may share the same grounds or property or the use of video cameras may be contingent on pre-existing contracts, agreements and legal acts.
It is necessary to determine whether there is a need to use video surveillance and what to what extent. The end does not always justify the means – the use of cameras to keep property safe is not permitted everywhere. For instance, it is hard to consider video surveillance legitimate in a dressing room area where people disrobe and expect greater privacy. In such a case, there are better alternatives for protecting property that do not involve processing of personal data. Consider stronger lockers and locks if there is a need to keep the contents of the locker safe or security elements in case of a store looking to deter shoplifters. Determining the need for using video surveillance is important for selecting the camera’s line of sight and the suitable equipment.
Once you have identified who wants to use video surveillance and for what reason, also consider the legal framework. Legal options in the private and public sector vary. Apartment associations should think about property law issues and if necessary, use video surveillance based on the decision of the general meeting. Organizations that use a video surveillance service provider or store data outside the EU must additionally consider mandatory legal agreements.
Before starting the use of video surveillance, the organization should set rules on how long the video recordings are retained, by who and in what instances can the recordings be accessed and how the organization will enforce the rules.
As the next step, notification of regarding video surveillance should be handled. As a rule, it must be understood by everyone whether they are being tracked by a camera or not. If people from outside the organization could be captured on the footage (visitors, customers, random passers-by), notice signs should be placed. The notification within the organization can be made in other ways, such as a part of internal work procedures, privacy policy or other internal document. It is important that the people who will potentially be captured by the camera have been made aware of such internal documentation and have easy access to the latest version of the document.
To sum up, before cameras are installed and turned on, it must be made sure that the organization has documented the purposes of video surveillance, the need for using the camera and rules for using the video recordings and. The organisation also has to be able to demonstrate that it has provided relevant notices regarding the use of video surveillance.
Choosing technical solutions
Selectiong of technical solutions depend largely on the previously defined goal and needs. Use of a 360-degree camera is not expedient if only a specific area must be monitored, such as an entrance, cash register or one part of the office or hallway. If the scope of the viewing area does not have to be changed constantly but the equipment enables it, the organization will find it harder to prove compliance with data protection requirements. If a technical solution with additional functionality or enhancements is used, people captured on camera may raise trust issues – why use a type camera that makes it possible to easily and unnoticeably change the viewing angle although there is actually no need for it?
Data security also plays a role when it comes to the technical aspect, starting from the transmission of data from the camera to data retention and deletion of data. A wireless camera is certainly easier to install but security should not be overlooked. Unfortunately, it is all too easy to go on the internet and find recordings or live streams by security cameras with factory-default access privileges or that are not password protected. When storing recordings in the cloud or locally, it should be ensured that only authorized people have access. It should also be decided who uses the data and how the data is erased – automatically or with manual intervention.
To sum up, the keywords for choosing technical solutions are secure and encrypted data connections, transmission, storage and deletion, as well as user and password management.
Data subject access requests
When video surveillance is used, the rights of the people who may be captured on camera must not be overlooked. In general, everyone has the right to access their personal data, which in the case of video surveillance means the camera recording, and demand that their data be deleted, although the latter does not always have to be granted. From the perspective of the organization, it is wise to consider how such requests will be processed (how a person can make the request and to whom, how the request reaches the right employee responsible for resolving it, etc.). Previously determined and documented purposes, need, legal grounds and rules also play a role in case the organisation receives a data subject access request.
Accountability
As with other activities that involve collection, creation or otherwise using personal data, the organization responsible for video surveillance must be capable of proving the following, among other things:
- the processing of personal data is legitimate (conditions relying on a specific legal basis are fulfilled);
- people have been notified of processing their personal data (the person was aware of video surveillance, and who was doing so for what reason);
- the security of the data is ensured (rules and technical measures).
What to avoid?
First of all, avoid failing to provide notice to people or giving the notice too late. Regardless of whether it is only the organization’s own employees who are on camera or complete outsiders, it should be clear and understandable to everyone that they may be caught on camera. The notification must be made at the first opportunity so that people can decide whether they wish to remain in the potential surveillance zone or not.
Secondly, vague purposes should be avoided. A specific, well-conceived objective is the basis for evaluation of suitable technical solutions, determining the camera’s field of vision, notification and resolving later data subject access requests.
Third, it is not a good idea to ask for people’s consent for video surveillance. The technical and legal requirements for legitimate consent make asking for consent impractical in the case of video surveillance. In other words, video surveillance should not depend on consent.
Fourth, the video recordings must not be publicly disclosed without a legitimate reason. Access to recordings and use thereof should take place only in justified cases. Publication of a surveillance camera recording on (social) media is not always lawful, even if the footage depicts damage to property, a humorous situation or an accident narrowly averted. When releasing video footage in the context of a request related to personal data, it should be ensured that no other persons are recognizable on the video if the person wishes to access a video recording in which they are depicted.
If you have similar challenges and questions, please contact our specialists.