These Terms and Conditions of the Accounting Service constitute a legal agreement between the Client and Aaron Accounting Services (Aaroni Raamatupidamisteenused OÜ or Aaroni Kapital OÜ).

Use of the accounting service is possible only by accepting the terms of service. Last review: April 2022.

1. Customer obligations           

1.1. The customer undertakes to deliver the documents and information required for the provision of the service to the service provider immediately, but no later than within 3 days from the date of issue of the document. The customer is responsible that the documents and information are true and are submitted in time for the provision of the service. The time spent implementing the corrections may result in an additional cost to the customer.           

1.1.1. Purchase invoices are sent to:           

1.1.1.1. Service provider with digitization application Costpocket (1 free user included in the base price)  – terms and conditions and privacy policy;          

1.1.1.2. Personalized Costpocket email address;                   

1.1.2. The client uses the service provider’s accounting program Merit Aktiva to prepare sales invoices (unlimited number of free additional users with the right to make sales invoices in the base price) – terms of use and privacy statement

1.1.3. Other information is provided by the client according to the instructions given by the service provider and the agreed deadlines.           

1.2. The client forwards the work tasks in writing to the e-mail address info@aaroni.ee.           

1.3. The client undertakes a notice period for termination of the service which is 2 months. The service can be terminated earlier than 2 months by paying the service fee proportionally in advance for the unannounced time, the fee is calculated on the basis of the invoices issued for the last 6 months.           

1.4. The client undertakes to inform the service provider of all circumstances concerning the performance of the service.           

1.5. The client registers the persons specified in the written notice as users of e-services on the following portals:           

1.5.1. Tax and Customs Board;           

1.5.2. Business portal (annual report);           

1.5.3. Eesti.ee;           

1.5.4. Internet banks and payment centers;           

1.5.5. E-commerce platforms;           

1.5.6. Other necessary portals.           

1.6. The client activates the following automations in the accounting program:           

1.6.1. E-invoicing operator for e-invoicing traffic;           

1.6.2. Direct bank connection;           

1.6.3. Sending machine-machine data to the Tax Board;           

1.6.4. All automations that will be added in the future.           

1.7. Housing associations are required to use the free environmental Bill.me terms and conditions and privacy policy.          

1.7.1. To transmit readings;           

1.7.2. To receive invoices issued by the apartment association.        

 

2. Obligations of the service provider           

2.1. The service provider uses his own tools to provide the service.

2.2. The service provider undertakes to use qualified labor when providing the service.

2.3. The service provider shall appoint a contact person for the customer by written notice. The service provider shall notify the customer in writing of any change in contact persons.

2.4. The service provider undertakes to provide the service in accordance with the legislation in force in the Republic of Estonia, including the instructions of the Estonian Accounting Standards Board.           

2.5. When providing the service, the service provider undertakes to comply with the terms provided by law and to ensure the provision of the service in such a way that the terms are not violated. The service provider is not liable for violation of deadlines if the customer does not submit the information and documents necessary for the provision of the service in time. Declarations with missing documents and data will not be submitted. Declarations shall be submitted after the information and documents have been transmitted.           

2.6. The service provider prepares Internet bank payment orders within the base price only if the customer’s bank has an interface with the Merit Aktiva program. In the absence of an interface, payment orders are prepared for an additional fee specified in the price list.           

 

3. Price of the service           

3.1. The price of the service consists of the base price (number of items) and additional services. The price list is available on the service provider’s website www.aaroni.ee.  

3.2. Invoices for provided services will be issued between 20-28 dates every month for previous month’s transactions recorded in the accounts and ordered additional services. The payment term is 7 days from the issuance of the invoice and in case of non-compliance with the term, the Service Provider has the right to demand penalties for delays of 0.2% per day on the overdue invoices.     

3.3. Changes in the price list will be announced 1 month in advance as additional information on the invoice issued to the customer.

 

4. Final provisions

4.1. The service provider has the right to unilaterally change the terms of service by notifying 1 month in advance as additional information on the invoice issued to the customer.

DATA PROCESSING ADDENDUM to

Aaroni Accounting Services Terms of Services

April 2020

This agreement regarding processing of personal data (the ”Data Processing Agreement” or the ”DPA”) regulates Aaroni Accounting Services (the ”Data Processor”) processing of personal data on behalf of the Client (the ”Data Controller”) upon providing Services in accordance with the Terms of Service agreed by the Parties (the ”Contract”). The Data Processor in respect of the Client is a Aaroni Accounting Services (Aaroni Raamatupidamisteenused OÜ or Aaroni Kapital OÜ) copmany which is providing the Services to the Client under the Contract.

This DPA is inseparable part of the Contract between Aaroni Accounting Services and the Client.

Legislation

1.1 The Data Processing Agreement specifies the obligations of the Data Processor and the Data Controller under the European Union and national applicable data protection and privacy legislation (the” Applicable Law”), including the Regulation (EU) 2016/679 (GDPR).

Purpose of processing of personal data

2.1. The purpose of the processing under the Contract is the provision of the Services by the Data Processor in accordance with the Contract.

2.2. The Data Processor only performs processing activities that are necessary and relevant to perform the obligations in accordance with the Contract.

2.3. In connection with the Data Processor’s delivery of the Services to the Data Controller, the following types of personal data (the” Personal Data”) will be processed by the  Data Processor on behalf of the Data Controller:

– name, postal address and email address, phone number

– personal identification code/NI number/date of birth

– bank account details

– pension details

– proof of identity

– leave records

– contract of employment

–  minor child details

2.4. The Data Processor processes the Personal Data about the following categories of data subjects on behalf of the Client:

– employees of the Data Controller

– private customers and suppliers of the Data Controller

– employees of the customers and suppliers of the Data Controller.

Instructions

3.1 The Data Processor may only act and process the Personal Data in accordance with the documented instruction from the Data Controller (the” Instruction”), unless required by law to act without such instruction.

3.2. The Instruction at the time of entering into this DPA is that the Data Processor may only process the Personal Data with the purpose of delivering the Services in accordance with the Contract. Subject to the terms of this DPA and with mutual agreement of the parties, the Data Controller may issue additional written instructions consistent with the terms of this DPA.

3.3. The Data Controller’s Instructions for the processing of Personal Data shall comply with Applicable Law. The Data Controller will have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which it was obtained.

3.4. The Data Processor will inform the Data Controller of any Instruction that it deems to be in violation of the Applicable Law and will not execute the Instructions until they have been confirmed or modified.

Engagement of Sub-Processors

4.1. The Data Processor is given general authorization to engage third parties to process the Personal Data (“Sub-Processors”) without obtaining any further written, specific authorization from the Data Controller, provided that the processing is transferred to any category of Sub-Processors indicated in this DPA. The categories of the Sub-Processors may be amended by Aaroni Accounting Services from time to time and the amendment will be notified to the Data Controller.

4.2. The following categories of Sub-Processors shall be used by the Data Processor for providing Services under the Contract:

– Aaroni Accounting Services companies

– accounting software providers

– payroll software providers

– digitization software providers

– tasks management software providers

– Password management software providers

– national employment and tax registers

– IT service providers

– subcontractors engaged for delivery of Services under the Contract.

4.3. If the Data Controller wishes to object to the new category of the Sub-Processor, the Data Controller shall give notice hereof in writing within ten (10) business days from receiving the notification from the Data Processor. Absence of any objections from the Data Controller shall be deemed a consent to the new category of the Sub-Processor.

4.4. In the event the Data Controller objects to a Sub-Processor and the Data Processor cannot accommodate the Data Controller’s objection, the Data Controller may terminate the Contract by providing 1 month written notice to the Data Processor.

The Data Processor’s obligations

5.1. The Data Processor shall ensure that it’s employees and the Sub-Processors treat all the Personal Data as strictly confidential information.

5.2. The Personal Data shall be processed based on the lawful Instructions of the Data Controller.

5.3. The Data Processor shall implement the appropriate technical and organizational measures as set out in the Applicable Law, including in accordance with GDPR article 32.

5.4. The Data Processor shall assist the Data Controller by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of the Data Controller’s obligations under the Applicable Law.

5.5. The Data Processor shall give notice to the Data Controller if a breach occurs, that can lead to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to, the Personal Data processed on behalf of the Data Controller (a “Personal Data Breach”). Notice shall be given without undue delay, if possible, within 72h from learning about the Personal data Breach.

5.6. The Data Processor makes available to the Data Controller information reasonably necessary to demonstrate compliance with the obligations laid down in this DPA and allow for and contribute to audits conducted by a qualified independent auditor. Parties will agree the time of the audit, which may take place not more than once a year and the Data Processor shall have reasonable time to prepare the required information. Cost related to the audit shall be paid by the Data Controller. Any information retrieved during the audit shall be kept confidential by the Data Controller.

The Data Controller’s obligations

6.1. The Data Controller must ensure that the Personal Data is obtained from the data subjects and it has a legal basis to process the Personal Data in compliance with the Applicable Law.

6.2. The Data Controller’s obligation is to ensure the rights of the data subjects, including informing the data subjects about processing under this DPA.

Rights of the data subjects

7.1. If the Data Controller receives a request from a data subject for the exercise of the data subject’s rights under the Applicable Law and the correct and legitimate reply to such a request necessitates the Data Processor’s assistance, the Data Processor shall assist the Data Controller by providing the necessary information and documentation. The Data Processor shall be given reasonable time to assist the Data Controller with such requests in accordance with the 

Applicable Law.

7.2. If the Data Processor receives a request from a data subject for the exercise of the data subject’s rights under the Applicable Law and such request is related to the Personal Data of the Data Controller, the Data Processor must immediately forward the request to the Data Controller and must refrain from responding to the person directly.

Liability

8.1. Aaroni Accounting Services liability is set out in article 10 the “Limitation of Liability” of the TOS.

Term

9.1. This Data Processing Agreement shall come into force from accepting the TOS by the Client and will have the same duration and termination terms as the Contract.

9.2. Following expiration or termination of the Contract, the Data Processor will delete all Personal Data in its possession except to the extent the Data Processor is required by Applicable law to retain some or all of the Personal Data (in which case the Data Processor will archive the data and implement reasonable measures to prevent the Personal Data from any further processing). The terms of this DPA will continue to apply to such Personal Data.