ガバナンス ガバナンス

Governance

Basic Policy
Our basic corporate governance concept is to maximize corporate value through safe and sound business activities, by increasing management efficiency and transparency. Based on this concept, we work to expand our corporate governance with the aim of achieving sustainable growth and medium- to long-term increase in corporate value, based on trust from society.

As of May 28, 2021

組織図

As we have adopted an Audit and Supervisory Committee system, the Board of Directors, the Audit and Supervisory Committee and the Accounting Auditors have been established as the main bodies of the corporate governance system, and the Internal Control Committee and the Management Meeting have been established as complementary bodies. The Nomination and Compensation Committee was established in March 2021 for the purpose of strengthening corporate governance.

Board of Directors
As a general rule, the Board of Directors meets regularly every month and holds extraordinary meetings when necessary. In addition to business reports, the Board of Directors deliberates on matters stipulated in laws and regulations, the Articles of Incorporation, the rules of the Board of Directors, etc., and monitors and supervises the status of the directors’ performance of their duties by exchanging questions, proposals, and opinions with each other.

Status of Directors
Since the transition to a company with an Audit and Supervisory Committee in 2016, which was based on the idea that advice to and supervision of management based on the knowledge of independent external directors will contribute to the sound management decisions of the Board of Directors, we have appointed more than one third of the directors as external directors and reflect their opinions in management.

取締役会 取締役会 List of officers >

Evaluation of the effectiveness of the board of directors
We analyze and evaluate the effectiveness of the Board of Directors with the aim of improving the function of the Board of Directors. In the FY2020, a self-evaluation questionnaire survey of each director was conducted in collaboration with a third-party organization regarding the “overall operation of the Board of Directors,” “improvements in the operation of the Board of Directors and enhancement of deliberations,” “minutes of the Board of Directors meetings,” “composition of the Board of Directors,” “system supporting the Board of Directors”, and “roles and responsibilities of the Board of Directors,” and we are evaluating and analyzing the results.
In the future, we will continue to regularly evaluate the effectiveness of the Board of Directors and make improvements based on the results, in an effort to further improve the function of the Board of Directors and ensure its effectiveness.

Audit and Supervisory Committee
The Audit and Supervisory Committee consists of all four external directors and it audits the decision-making process of the Board of Directors and the status of performance of the directors’ duties in cooperation with the Internal Audit Department, etc.

Accounting Auditors
We have an auditing contract with Ernst & Young ShinNihon LLC. as our accounting auditors and outsource our accounting audits to them. The accounting auditors formulate an audit plan that includes the audit items, audit system, and audit schedule, holds a quarterly review report meeting each quarter from the first quarter to the third quarter, and at the end of the fiscal year they hold an accounting audit report meeting related to our year-end settlement of accounts and report to the Audit and Supervisory Committee. The above report meetings are attended by the general manager of the management department, who is in charge of accounting.

Internal Control Committee
The Internal Control Committee, which is an organization that builds and operates the internal control system based on the Companies Act and the Financial Instruments and Exchange Act, is chaired by the President and is responsible for compliance, risk management, information management and operational efficiency of the entire group. In order to support the control activities of the Internal Control Committee, we have established internal rules and are providing training to our directors, executive officers and employees.

Management Meeting
As a general rule, the Management Meeting is held at least once a month, and is attended by the executive directors (including directors who are Audit and Supervisory Committee members when necessary) and executive officers, etc., and in addition to making decisions on matters delegated by the Board of Directors (excluding the matters to be exclusively decided by the Board of Directors as defined in the Companies Act), it deliberates, decides, and manages policies and plans for business execution.

Nomination and Compensation Committee
The Nomination and Compensation Committee has been established as a voluntary advisory body to the Board of Directors with the purpose of enhancing management transparency, strengthening the independence, objectiveness and accountability of the function of the Board of Directors regarding the nomination of candidates for directors and the determination of their remuneration, etc., and further enhancing corporate governance. It consists of three or more directors selected by a resolution of the Board of Directors, and the majority of them are independent external directors. Appropriately securing an opportunity for the involvement and advice of the independent external directors will enhance fairness, transparency, and objectivity.

Risk Management /Compliance System
An Internal Control Committee has been established to oversee the compliance and risk management system of the entire group, and in addition to strengthening internal controls based on the decisions of the Internal Control Committee , we provide training and education to directors, executive officers and employees as required and based on the instructions of the Internal Audit Department.
In addition, we have also established and operate an internal reporting system (the Scroll Group Corporate Ethics Hotline) in which the director responsible for compliance or an external lawyer is the recipient of the information, as a means for directors, executive officers and employees to directly provide information on legal violations and other matters related to compliance. The Internal Audit Department evaluates the internal control system and its operation for the entire group, and reports the results to the Internal Control Committee.

Company-wide Risk Management
The Scroll group identifies and evaluates risks with Business sector as the risk owner. In addition, a “General Risk Management Activities” Office (RM Office) has been established as the office for the Internal Control Committee, and it supports responding to risks in business divisions. These activities are audited by the Internal Audit Department and reported to the Audit and Supervisory Committee and the Board of Directors. We have established a system that enables continuous monitoring by ascertaining the general risks related to business activities and the risks peculiar to the Scroll group.

Risk Assessment Method
ⅰ.

Preparation of risk management tables and risk maps
The general risks in the Scroll group and the inherent risks in each business are extracted from the risk category items in Table 1 and a “risk management table” is prepared for each business division. Furthermore, the extracted risks are evaluated based on their “probability” and “impact”, and a risk map (Table 2) is prepared for each business division. The risk management table and risk map are reviewed annually by the person in charge to encourage risk response in each business division.

ⅱ.

Summary of segment risks and group risks
The RM Office conducts hearings based on the risk assessment of each business division, conducts a risk assessment for each segment and for the entire group, and reports to the Internal Control Committee.

Table 1 Risk classification
External environmental risk

After the COVID-19 / Climate change / Disaster / Accident / Conflict Customer / Market

Internal environmental risk

Governance / Communication / Human resources / Corporate culture

Business process risk

<Related to Business sector>
SCM and Product Procurement / Outsourcing / Logistics and Transport / ationAssets (goods and services) / Regulations
<Related to back-office section>
Labour and Employment / Compliance / Environmental Measures / Finance, Accounting and Investment / Information Systems / Public and Investor Relations

Table 2 Risk Map (The greater the number of ★, the higher the importance.)
Impact
    Small Medium Large
Possibility of occurring
High

importance:★★

importance:★★★

importance:★★★★★
Medium importance:★ importance:★★★ importance:★★★★
Low

importance:★

importance:★

importance:★★★★

  Impact
Possibility of
occurring
Small

High

importance:★★
Medium importance:★
Low

importance:★

Possibility of
occurring
Medium

High

importance:★★★
Medium importance:★★★
Low

importance:★

Possibility of
occurring
Large

High

importance:★★★★★
Medium importance:★★★★
Low

importance:★★★★

Privacy Policy

Established on October 1, 2004
Scroll Corporation

President Tomohisa Tsurumi

Personal Information Protection Policy
~Our basic idea to protect your personal information~

We have established a “personal information protection management system” in order to handle our customers’ personal information carefully and safely, and we strictly manage our customers’ information based on this.
The “Privacy Policy” is one of those systems and is our promise to all people related to us about the basic handling of our customers’ personal information that we receive.
We declare that we will comply with laws, regulations and guidelines related to the protection of personal information, and that we will do our utmost to protect our customers’ personal information based on this “Privacy Policy”.

Basic Policy

1.About acquisition, use and provision of Personal Information

All of our executives and employees recognize the importance of protecting personal information, and we will acquire, use, and provide such information in a lawful and fair manner to the extent necessary to achieve the stated purpose of use, as clearly defined. In addition, we shall not handle personal information for any purpose other than the purpose of use, except as permitted by law, and we shall take measures to ensure that this is the case.

2.Compliance with laws, national guidelines, and other norms regarding the handling of personal information

We will handle personal information with integrity, complying with laws and regulations regarding the handling of personal information, national guidelines and other norms (hereinafter referred to as “laws and regulations, etc.”), as well as our personal information protection management system. In addition, we shall strive to keep abreast of laws and regulations etc., and shall provide information to our officers, employees, and business partners, and comply with them.

3.Prevention and correction of leakage, loss or damage etc. of personal information

当We will take reasonable security and preventive measures, both technically and organizationally, against the risk of leakage, loss, or damage etc. of personal information. In addition, we conduct periodic inspections and promptly correct any violations, incidents, or accidents that are discovered.

4.Response to complaints and consultations

We set up the Personal Information Customer Service Centre and will respond appropriately and promptly to complaints and consultations regarding our handling of personal information and our personal information protection management system after confirming that the request is made by the person himself/herself.

5.Continuous improvement of personal information protection management system

We will continuously review and improve our personal information protection management system to ensure that personal information is properly handled and protected. Improvements will be made in accordance with laws and regulations etc. and the Japanese Industrial Standard “Personal Information Protection Management System – Requirements” (JISQ15001).

Final revision on March 16, 2022

About The Privacy Policy

1.Definition of personal information
(1)

The personal information of our customers that we receive includes the following. Transactions may be refused if a customer does not agree to the provision of the personal information.

“Attribute information” such as name, address, telephone number, date of birth, email address, etc. (including modified information that we have learned by receiving notification from customers after the start of transactions) that is written by customers on our specified application forms (including input screens).

(2)

In principle, we do not acquire “personal information requiring special consideration” from customers. However, this excludes cases in which the company has obtained the consent of the individual to whom the information pertains, such as when the individual is applying for employment with us or when otherwise required by law. The term ” sensitive personal information” shall mean the following.

* Personal information that includes descriptors, etc. defined in government ordinances as requiring special consideration in its handling so as not to cause unfair discrimination, prejudice or other disadvantages against the person, such as the person’s race, beliefs, social status, medical history, criminal history, the fact of having been the victim of a crime, etc.

2.Purpose of using personal information
(1)

The purposes for which we use our customers’ personal information are as follows.

1.

To send products, catalogs, direct mail, etc., to notify you via e-mail newsletters and SNS, to provide you with information on after-sales services and other services related to our products, etc. by us and our group companies in the e-commerce business and related businesses.

2.

Introducing you to products and services from our company, our group companies, and other companies that we deem appropriate.

3.

Making credit-provision decisions for future transactions with us and our group companies, post-credit management, and credit control.

4.

Conducting campaigns, sweepstakes plans, and questionnaire surveys.

5.

To analyze, research, develop, and prepare statistical data for marketing, sales promotion, product planning, etc.

6.

Responding to questions, complaints, etc. from customers.

7.

To screen applicants for employment and to manage human resources and labor management of employees.

(2)

If you inform us that our introductions about the products and services of our company, our group companies, and our trading companies is unnecessary, we will promptly stop sending such information.

3.Appropriate acquisition of personal information
We will collect our customers’ personal information in an appropriate manner.
(1)

We will collect your personal information using appropriate methods.

(2)

We will collect your personal information in the following circumstances, for example.

1.

When the customer applies to purchase our products or use our services, or when you egister as a member or customer of our company.

2.

When the customer purchases a product or use our services based on a transaction with us and pays the price.

3.

When the customer participates in a questionnaire from us.

4.

When a customer applies to us for a prize or friend referral campaign.

5.

When a customer requests materials from us, etc.

(3)

In the above cases, we may collect additional information other than the customer’s basic personal information by asking questions, but you can decide at your own discretion whether or not to answer our questions.

(4)

When collecting your personal information from a website we have established, we use SSL (Secure Socket Layer) to encrypt the information so that it can be transmitted safely.

(5)

We will not acquire personal information from a third party that has obtained the information illegally.

(6)

We may obtain customers’ personal information via appropriate methods from commercially available lists and mailing list companies that have collected the information via appropriate methods. We may then use those lists to send customers information about our products and services. If you do not want such information, please let us know and we will promptly stop sending the information.

(7)

If we receive an application from a minor customer, we may confirm the details with a parent or guardian.

(8)

Except for the following cases, we will obtain the customer’s consent before acquiring sensitive personal information.

1.

When required by laws and regulations, etc..

2.

When it is necessary to protect the life, body or property of a person and it is difficult to obtain the person’s consent.

3.

When it is particularly necessary to improve public health or promote the sound development of children, and it is difficult to obtain the person’s consent.

4.

When it is necessary to cooperate with a national institution or local public body, or a person entrusted with their authority, that is conducting affairs stipulated in laws or regulations etc., and obtaining the consent of the person may hinder the performance of such conduct.

5.

When the sensitive personal information has been published by the person; a national agency; local public body; broadcasting agency, newspaper company, news agency or other reporting agency (including individuals who report as a profession); a person who writes as a profession; a university or other institution or group that has a purpose of academic research, or a person belonging to such an organization; a religious group, political group, or other entity specified in the rules of the Personal Information Protection Commission.

6.

In other cases specified by a Cabinet Order as being equivalent to the cases listed in the preceding items.

4.Control of personal information
We carefully control our customers’ personal information.
(1)

We will take responsibility and carefully control the personal information received from our customers.

(2)

We will prevent unauthorized access to and loss, destruction, falsification, leakage, etc. of our customers’ personal information. We will also conduct periodic inspections and promptly correct any violations, incidents, or accidents that are discovered, and implement preventive measures against them. For this purpose, we conduct education and awareness arising for our executives and employees, and implement safety measures in terms of systems, administrative procedures, and facilities.

(3)

We will endeavor to keep our customers’ personal information accurate and up-to-date.

(4)

We will promptly suspend the use of personal information that no longer needs to be stored based upon the purpose of its use, and will dispose of or delete it in a safe manner.

5.Provision of personal information
(1)

Shared use
As described below, we will share our customers’ personal information with our group companies, including the following joint users.
【Items of personal information that we share the use of with joint users】
The personal information described in section 1 “Definition of personal information”.
【Joint users of personal information】click here.
【Purpose of shared use】
Equivalent to the use purposes described in section 2 “Purpose of using personal information” above.
【Personal information manage】
Business responsible for personal information management:2-24-1 Sato, Naka-ku, Hamamatsu-shi, Shizuoka
Scroll Corporation President Tomohisa Tsurumi

(2)

We will not provide your personal information to a third party without your consent, except in the cases listed in (3) below. However, this does not apply if any of the following items apply or if otherwise permitted by law or regulation.

1.

When the customer consents to the provision to a third party

2.

When disclosure or provision is required by laws or regulations etc.

3.

When it is necessary to protect the life, body or property of a person and it is difficult to obtain the customer’s consent

4.

When it is necessary to cooperate with a national institution or local public body, or a person entrusted with their authority, that is conducting affairs stipulated in laws and regulations etc., and obtaining the consent of the person may hinder the performance of such conduct

5.

When outsourcing our business to a group company or another company

(3)

We may outsource the handling of the personal information described in section 1 “Definition of personal information” to a company that conducts analysis based on customers’ transaction history.

1.

The purpose of this is to provide or propose products and services to our customers more appropriately and at more appropriate times.

2.

We have contracts regarding the handling of personal information with the companies that receive the personal information.

3.

We use electronic storage devices when providing customers’ personal information to the companies that receive personal information. We perform safety measures with these devices so that others cannot easily view the contents of the information.

4.

Customers who do not wish for such provision should inform us and we will immediately stop the provision.

(4)

Except for in the following cases, we will obtain the consent of the customer regarding the provision of personal information to third parties (Excluding those who have established a system that conforms to the standards set forth in the Rules of the Personal Information Protection Commission as those necessary to continuously take measures equivalent to those required to be taken by business operators handling personal data) in a foreign country (a country or region outside of Japan, the same shall apply hereinafter in this article) before such provision to third parties in the relevant foreign country.

1.

When providing the information to a third party in a country specified in the rules of the Personal Information Protection Commission as a foreign country that has a system for protecting personal information that is recognized as being at the same level as Japan in protecting the rights and interests of individuals.

2.

When it has been ensured using an appropriate and reasonable method between us and the entity that receives the personal data that the measures in line with Chapter 4, Section 2 of the Personal Information Protection Law will be implemented regarding the handling of the personal data by the entity that receives the personal data

3.

When the entity that receives the personal data is certified based on an international framework for personal information handling

4.

When any of the reasons listed in the items of Article 27, Paragraph 1 of the Personal Information Protection Law applies

6.Requests for disclosure, correction, etc. of personal information
In accordance with laws and regulations etc., we will sincerely respond to claims and complaints of customers’ personal information, such as notify the purpose of use, respond to requests for disclosure of personal information in our possession, conduct correction, addition, deletion, suspension of use and prohibition of provision to third parties in cases which the content of the personal information in our possession is contrary to the facts, etc. (hereinafter referred to as “Disclosure, etc.”).
(1)

We will perform the Disclosure, etc. of a customer’s personal information that we hold at the request of the customer or an agent authorized by the customer.
※ Please see here for the detailed disclosure request method.
【Detailed Disclosure, etc. request method】

1.

When requesting Disclosure, Etc., please first call the “Personal Information Customer Service Centre” listed below.

2.

Requests for Disclosure, etc. will be accepted by mail or other means designated by us.

3.

When requesting Disclosure, Etc., please apply with an official identification card (a copy of your driver’s license, passport, residence certificate, etc.) that certifies your identity.

4.

We may charge the costs incurred in the disclosure process as a disclosure fee. No fee will be charged for procedures to correct, add to, or delete the content of personal data, or to discontinue the use, erase, or prohibit the provision to third parties of personal data. 

5.

We aim to send a response by the method designated by the customer within approximately 10 business days. However, in cases where the information is to be disclosed by mail or other means other than those specified by the customer in accordance with laws and regulations etc., the reason for such disclosure will be notified before the disclosure.

6.

If the customer’s personal information disclosed by us contains an error, we will correct or delete the information depending on the situation. In that case, the disclosure fee will be refunded.

(2)

However, we cannot disclose part or all of a customer’s personal information in the following cases. In this case, we will respond with the reason why we cannot make the disclosure.

1.

When there is a risk of serious damage to the life, body, or property of the customer or a third party.

2.

When there is a risk of seriously hindering the operation of our business.

3.

When it would violate other laws and regulations, etc.

(3)

If the customer’s personal information disclosed by us contains an error, we will promptly correct or delete the information.

(4)

When a customer requests disclosure we may charge the costs incurred.

(5)

Please contact our “Personal Information Customer Service Centre” if you have any questions about our “About The Privacy Policy”, “Privacy Policy” or how we handle customers’ personal information, or if you find any deficiencies in our personal information protection.

【Personal Information Customer Service Centre】
Scroll Corporation, Customer Service Centre, Customer Personal Information Disclosure Section
Tel.: 0120-950-213 (Japan only)
Reception Hours: 9:00 am to 5:00 pm (Monday to Friday). We are closed on Saturdays, Sundays, public holidays, and the year-end and New Year holidays. )
Address: 2-24-1 Sato, Naka-ku, Hamamatsu City, Shizuoka 430-0807

Established on October 1, 2004
Final revision on March 16, 2022

Handling of marketing information (e.g., data that does not constitute personal information by itself)

1.About use of marketing information

We use non-personally identifiable data (hereinafter referred to as “marketing information”.) for marketing activities, such as analyzing the effectiveness of advertisements, as well as to improve and enhance the services we provide and to implement sales promotions that are optimal for our users. In addition, a portion of this data may be provided to third parties such as our group companies and our business partners.
Marketing information is legally classified into (1) anonymously processed information, (2) pseudonym processed information, and (3) personally related information (cookie information, etc.), and each is not personal information by itself. We will use this marketing information after taking legal or appropriate measures.

2.About the use of anonymously processed information

For the purpose of our marketing activities, sales promotion measures for the products and services we provide, analysis, research and implementation thereof, and analysis, research and implementation necessary to improve our services and productivity, we will create “anonymous processed information” that is processed in an unrecoverable manner so that individual users cannot be identified, and will make it accessible to our The information may be provided to third parties such as group companies, partner companies, universities and other research institutions by uploading it to a restricted server or sending it by e-mail, etc.
The items of information about users included in anonymously processed information are as follows.
Address information to the municipality, zip code, gender, age, purchase history, etc.

3.About the use of pseudonym processed information

We collate with other information for our marketing activities, promotional measures for the products and services we offer, their analysis, research and implementation, and the analysis, research and implementation necessary to improve our services and productivity. Unless otherwise specified, we may create and use “pseudonym processing information” that has been processed so that the individual user cannot be identified. The creation, use and deletion of “pseudonym processed information” will be carried out appropriately in accordance with laws and regulations etc..
In addition, “pseudonym processed information” may be provided to a third party based on laws and regulations etc., and may be shared, but when we jointly use “pseudonym processed information”, it is based on laws and regulations etc.. We will announce the necessary information.

4.About the use of personal information

We may acquire and use “personal information” that cannot identify a specific individual for the purpose of analysis, research and implementation of marketing activities of sales promotion measures for the products and services we provide and of the improvement of our services and productivity.
We will not identify an individual by collating personal-related information provided by a third party with other information unless the person has consented in advance based on laws and regulations etc. In addition, we will confirm that the personal information provided by us will not be collated or used as personally identifiable information at the destination without the prior consent of the individual.
Access history of pages and products viewed by users such as (1) Cookies, (2) Web Beacons, (3) Access Logs (History) might be used by business partners such as information providers and service providers for the same purpose.

(1)

Cookie
Cookies are user access information that is exchanged between the website and the browser. Cookies are used not only for aggregating access information, but also for smooth site browsing services such as controlling the transition screen for each user and displaying previously confirmed products and services. Generally, cookies are enabled in the initial state of the browser and can be disabled arbitrarily. However, if you disable cookies, you will not be able to use some services on the website.

(2)

Web beacons
Web beacons are a mechanism for feeding back information that a user has browsed a website or email by hiding or embedding a small image on the page or email of the website.
The information that is fed back does not have any personally identifiable information, and is generally the date and time of access, the page viewed, the IP address, device information, and so on. We may analyze access based on this information and use it to improve the content of advertisements and site pages.

(3)

Access Logs (History)
An access log is a record of the details of a web server when it is requested to connect to the outside or send / receive data. Generally, the access date and time, IP address, specified URL, processing time, number of bytes sent and received, etc. are recorded. When system trouble or security problems occur, access logs may be consulted to find out more about the trouble or problem and to get clues as to the cause.


■Explanation of main ad distribution services and disabling them (Opt-out)
We may use behavioral targeted advertising services provided by the following business partners for the purpose of effective advertising distribution.
These business partners collect customers’ cookie information for the purpose of delivering advertisements only.
The information obtained by the business partners will be managed in accordance with the privacy policy established by each business partner.
If you wish to disable these ad delivery service functions, please disable it at the sites of the relevant business partners below(Opt-out).
■Rakuten
Privacy policy of services provided by Rakuten
Opt-out from Rakuten Advertising
■Yahoo! JAPAN
Privacy policy of services provided by Yahoo! JAPAN
Opt-out from Yahoo! JAPAN Advertising
■Google
Privacy policy for services provided by Google
Opt-out of Google Advertising
■Criteo
Privacy policy for services provided by Criteo
Opt-out of Criteo Advertising
■Facebook
Privacy policy for services provided by Facebook
Opt-out of Facebook Advertising
■Microsoft
Privacy Policy for Services Provided by Microsoft
Opt-out of Microsoft advertising
■LINE
Privacy policy for services provided by LINE
Opt-out of Line advertising
Opt-out of LINE Tag

■Main website access information collection and analysis services used by our company
We may use Google Analytics to collect information about your access to our website as a service that enables us to statistically collect and analyze access information of users who have visited our website using cookies and other technologies. This access information does not identify any individual. In addition, the collected information will be used for analysis and advertisement distribution for improving services in our business. For the collection and handling of customer-related information in Google Analytics, and the privacy policy of the services provided by Google, please check the following sites.
Users may also opt-out of Google Analytics through an opt-out browser add-on.

■Google Analytics
Information collection and handling of information by cookies in services provided by Google
Privacy policy for services provided by Google
Opt-out of Google Analytics

Established on October 1, 2004
Final revision on March 16, 2022