Our basic corporate governance concept is to maximize corporate value through safe and sound business activities, by increasing management efficiency and transparency. Based on this concept, we work to expand our corporate governance with the aim of achieving sustainable growth and medium- to long-term increase in corporate value, based on trust from society.
Corporate Governance Report
As of May 31, 2023
As we have adopted an Audit and Supervisory Committee system, the Board of Directors, the Audit and Supervisory Committee and the Accounting Auditors have been established as the main bodies of the corporate governance system, and Nomination,Compensation Committee and Group Management Meetings have been established as complementary bodies.We have introduced the Group Officer and Segment Officer systems to strengthen the supervisory function of the Board of Directors and to clarify authority and responsibility through prompt management decision-making and separation of business execution, as well as to strengthen the responsiveness of business execution.
Board of Directors
As a general rule, the Board of Directors meets regularly every month and holds extraordinary meetings when necessary. In addition to business reports, the Board of Directors deliberates on matters stipulated in laws and regulations, the Articles of Incorporation, the rules of the Board of Directors, etc., and monitors and supervises the status of the directors’ performance of their duties by exchanging questions, proposals, and opinions with each other.
Evaluation of the effectiveness of the board of directors
With the aim of improving the functioning of the Board of Directors, the Company analyses and evaluates the effectiveness of the Board of Directors and makes improvements to strengthen the functioning of the Board of Directors. In FY 2022, in cooperation with a third-party organization, we conducted self-assessment through questionnaires for each director regarding “overall operation of the Board of Directors,” “innovations in the operation of the Board of Directors, enhancement of deliberations,” “agenda of the Board of Directors,” “composition of the Board of Directors,” “structure supporting the Board of Directors,” “roles and responsibilities of the Board of Directors,” and other matters, and the results were evaluated and analyzed. As a result, we have determined that the effectiveness of our Board of Directors has been ensured. We will continue to evaluate the effectiveness of the Board of Directors and make improvements based on the results of such evaluations to further improve the functions and ensure the effectiveness of the Board of Directors.
Audit and Supervisory Committee
The Audit and Supervisory Committee consists of all five external directors and it audits the decision-making process of the Board of Directors and the status of performance of the directors’ duties in cooperation with the Internal Audit Department, etc.
We have an auditing contract with Ernst & Young ShinNihon LLC. as our accounting auditors and outsource our accounting audits to them. The accounting auditors formulate an audit plan that includes the audit items, audit system, and audit schedule, holds a quarterly review report meeting each quarter from the first quarter to the third quarter, and at the end of the fiscal year they hold an accounting audit report meeting related to our year-end settlement of accounts and report to the Audit and Supervisory Committee. The above report meetings are attended by the general manager of the management department, who is in charge of accounting.
Nomination and Compensation Committee
The Nomination and Compensation Committee was established as an advisory body to the Board of Directors for the purpose of enhancing corporate governance, the composition of the Board of Directors and fair operation of the nomination and compensation systems for directors, etc., and increasing transparency thereof. The committee consists of at least three members, a majority of whom must be independent outside directors, and the selection of committee members is made by the Board of Directors.
Group Management Meetings
In principle, the Group Management Meetings will be held at least once a month, with executive directors and group officers in attendance, to make decisions on matters entrusted by the Board of Directors, as well as to deliberate, manage, and decide on policies and plans for the overall management of the Group and its business segments.
Internal Control Committee
The Internal Control Committee, which is an organization that builds and operates the internal control system based on the Companies Act and the Financial Instruments and Exchange Act, is chaired by the President and is responsible for compliance, risk management, information management and operational efficiency of the entire group. In order to support the control activities of the Internal Control Committee, we have established internal rules and are providing training to our directors, Group Officer、Segment Officer and employees.
The Sustainability Committee is chaired by the President and CEO and includes the person in charge of each business segment (PRS). The Sustainability Committee meets approximately twice a year to set targets, monitor progress against the plan, and evaluate implementation in cooperation with the business segments. The contents of this committee are reported to the Board of Directors to ensure appropriate supervision by the Board of Directors.
Risk Management ／Compliance System
An Internal Control Committee has been established to oversee the compliance and risk management system of the entire group, and in addition to strengthening internal controls based on the decisions of the Internal Control Committee , we provide training and education to directors, executive officers and employees as required and based on the instructions of the Internal Audit Department.
In addition, we have also established and operate an internal reporting system (the Scroll Group Corporate Ethics Hotline) in which the director responsible for compliance or an external lawyer is the recipient of the information, as a means for directors, executive officers and employees to directly provide information on legal violations and other matters related to compliance. The Internal Audit Department evaluates the internal control system and its operation for the entire group, and reports the results to the Internal Control Committee.
Company-wide Risk Management
The Scroll group identifies and evaluates risks with Business sector as the risk owner. In addition, a “General Risk Management Activities” Office (RM Office) has been established as the office for the Internal Control Committee, and it supports responding to risks in business divisions. These activities are audited by the Internal Audit Department and reported to the Audit and Supervisory Committee and the Board of Directors. We have established a system that enables continuous monitoring by ascertaining the general risks related to business activities and the risks peculiar to the Scroll group.
Preparation of risk management tables and risk maps
The general risks in the Scroll group and the inherent risks in each business are extracted from the risk category items in Table 1 and a “risk management table” is prepared for each business division. Furthermore, the extracted risks are evaluated based on their “probability” and “impact”, and a risk map (Table 2) is prepared for each business division. The risk management table and risk map are reviewed annually by the person in charge to encourage risk response in each business division.
Summary of segment risks and group risks
The RM Office conducts hearings based on the risk assessment of each business division, conducts a risk assessment for each segment and for the entire group, and reports to the Internal Control Committee.
|Possibility of occurring||
Established on October 1, 2004
President Tomohisa Tsurumi
Personal Information Protection Policy
～Our basic idea to protect your personal information～
We have established a “personal information protection management system” in order to handle our customers’ personal information carefully and safely, and we strictly manage our customers’ information based on this.
- 1．About acquisition, use and provision of Personal Information
All of our executives and employees recognize the importance of protecting personal information, and we will acquire, use, and provide such information in a lawful and fair manner to the extent necessary to achieve the stated purpose of use, as clearly defined. In addition, we shall not handle personal information for any purpose other than the purpose of use, except as permitted by law, and we shall take measures to ensure that this is the case.
- 2．Compliance with laws, national guidelines, and other norms regarding the handling of personal information
We will handle personal information with integrity, complying with laws and regulations regarding the handling of personal information, national guidelines and other norms (hereinafter referred to as “laws and regulations, etc.”), as well as our personal information protection management system. In addition, we shall strive to keep abreast of laws and regulations etc., and shall provide information to our officers, employees, and business partners, and comply with them.
- 3．Prevention and correction of leakage, loss or damage etc. of personal information
当We will take reasonable security and preventive measures, both technically and organizationally, against the risk of leakage, loss, or damage etc. of personal information. In addition, we conduct periodic inspections and promptly correct any violations, incidents, or accidents that are discovered.
- 4．Response to complaints and consultations
We set up the Personal Information Customer Service Centre and will respond appropriately and promptly to complaints and consultations regarding our handling of personal information and our personal information protection management system after confirming that the request is made by the person himself/herself.
- 5．Continuous improvement of personal information protection management system
We will continuously review and improve our personal information protection management system to ensure that personal information is properly handled and protected. Improvements will be made in accordance with laws and regulations etc. and the Japanese Industrial Standard “Personal Information Protection Management System – Requirements” (JISQ15001).
Final revision on March 16, 2022
- １．Definition of personal information
The personal information of our customers that we receive includes the following. Transactions may be refused if a customer does not agree to the provision of the personal information.
“Attribute information” such as name, address, telephone number, date of birth, email address, etc. (including modified information that we have learned by receiving notification from customers after the start of transactions) that is written by customers on our specified application forms (including input screens).（２）
In principle, we do not acquire “personal information requiring special consideration” from customers. However, this excludes cases in which the company has obtained the consent of the individual to whom the information pertains, such as when the individual is applying for employment with us or when otherwise required by law. The term ” sensitive personal information” shall mean the following.
* Personal information that includes descriptors, etc. defined in government ordinances as requiring special consideration in its handling so as not to cause unfair discrimination, prejudice or other disadvantages against the person, such as the person’s race, beliefs, social status, medical history, criminal history, the fact of having been the victim of a crime, etc.
- ２．Purpose of using personal information
The purposes for which we use our customers’ personal information are as follows.1.
To send products, catalogs, direct mail, etc., to notify you via e-mail newsletters and SNS, to provide you with information on after-sales services and other services related to our products, etc. by us and our group companies in the e-commerce business and related businesses.2.
Introducing you to products and services from our company, our group companies, and other companies that we deem appropriate.3.
Making credit-provision decisions for future transactions with us and our group companies, post-credit management, and credit control.4.
Conducting campaigns, sweepstakes plans, and questionnaire surveys.5.
To analyze, research, develop, and prepare statistical data for marketing, sales promotion, product planning, etc.6.
Responding to questions, complaints, etc. from customers.7.
To screen applicants for employment and to manage human resources and labor management of employees.（２）
If you inform us that our introductions about the products and services of our company, our group companies, and our trading companies is unnecessary, we will promptly stop sending such information.
- ３．Appropriate acquisition of personal information
We will collect our customers’ personal information in an appropriate manner.
We will collect your personal information using appropriate methods.（２）
We will collect your personal information in the following circumstances, for example.1.
When the customer applies to purchase our products or use our services, or when you egister as a member or customer of our company.2.
When the customer purchases a product or use our services based on a transaction with us and pays the price.3.
When the customer participates in a questionnaire from us.4.
When a customer applies to us for a prize or friend referral campaign.5.
When a customer requests materials from us, etc.（３）
In the above cases, we may collect additional information other than the customer’s basic personal information by asking questions, but you can decide at your own discretion whether or not to answer our questions.（４）
When collecting your personal information from a website we have established, we use SSL (Secure Socket Layer) to encrypt the information so that it can be transmitted safely.（５）
We will not acquire personal information from a third party that has obtained the information illegally.（６）
We may obtain customers’ personal information via appropriate methods from commercially available lists and mailing list companies that have collected the information via appropriate methods. We may then use those lists to send customers information about our products and services. If you do not want such information, please let us know and we will promptly stop sending the information.（７）
If we receive an application from a minor customer, we may confirm the details with a parent or guardian.（８）
Except for the following cases, we will obtain the customer’s consent before acquiring sensitive personal information.1.
When required by laws and regulations, etc..2.
When it is necessary to protect the life, body or property of a person and it is difficult to obtain the person’s consent.3.
When it is particularly necessary to improve public health or promote the sound development of children, and it is difficult to obtain the person’s consent.4.
When it is necessary to cooperate with a national institution or local public body, or a person entrusted with their authority, that is conducting affairs stipulated in laws or regulations etc., and obtaining the consent of the person may hinder the performance of such conduct.5.
When the sensitive personal information has been published by the person; a national agency; local public body; broadcasting agency, newspaper company, news agency or other reporting agency (including individuals who report as a profession); a person who writes as a profession; a university or other institution or group that has a purpose of academic research, or a person belonging to such an organization; a religious group, political group, or other entity specified in the rules of the Personal Information Protection Commission.6.
In other cases specified by a Cabinet Order as being equivalent to the cases listed in the preceding items.
- ４．Control of personal information
We carefully control our customers’ personal information.
We will take responsibility and carefully control the personal information received from our customers.（２）
We will prevent unauthorized access to and loss, destruction, falsification, leakage, etc. of our customers’ personal information. We will also conduct periodic inspections and promptly correct any violations, incidents, or accidents that are discovered, and implement preventive measures against them. For this purpose, we conduct education and awareness arising for our executives and employees, and implement safety measures in terms of systems, administrative procedures, and facilities.（３）
We will endeavor to keep our customers’ personal information accurate and up-to-date.（４）
We will promptly suspend the use of personal information that no longer needs to be stored based upon the purpose of its use, and will dispose of or delete it in a safe manner.
- ５．Provision of personal information
As described below, we will share our customers’ personal information with our group companies, including the following joint users.
【Items of personal information that we share the use of with joint users】
The personal information described in section 1 “Definition of personal information”.
【Joint users of personal information】click here.
【Purpose of shared use】
Equivalent to the use purposes described in section 2 “Purpose of using personal information” above.
【Personal information manage】
Business responsible for personal information management:2-24-1 Sato, Naka-ku, Hamamatsu-shi, Shizuoka
Scroll Corporation President Tomohisa Tsurumi（２）
We will not provide your personal information to a third party without your consent, except in the cases listed in (3) below. However, this does not apply if any of the following items apply or if otherwise permitted by law or regulation.1.
When the customer consents to the provision to a third party2.
When disclosure or provision is required by laws or regulations etc.3.
When it is necessary to protect the life, body or property of a person and it is difficult to obtain the customer’s consent4.
When it is necessary to cooperate with a national institution or local public body, or a person entrusted with their authority, that is conducting affairs stipulated in laws and regulations etc., and obtaining the consent of the person may hinder the performance of such conduct5.
When outsourcing our business to a group company or another company（３）
We may outsource the handling of the personal information described in section 1 “Definition of personal information” to a company that conducts analysis based on customers’ transaction history.1.
The purpose of this is to provide or propose products and services to our customers more appropriately and at more appropriate times.2.
We have contracts regarding the handling of personal information with the companies that receive the personal information.3.
We use electronic storage devices when providing customers’ personal information to the companies that receive personal information. We perform safety measures with these devices so that others cannot easily view the contents of the information.4.
Customers who do not wish for such provision should inform us and we will immediately stop the provision.（４）
Except for in the following cases, we will obtain the consent of the customer regarding the provision of personal information to third parties (Excluding those who have established a system that conforms to the standards set forth in the Rules of the Personal Information Protection Commission as those necessary to continuously take measures equivalent to those required to be taken by business operators handling personal data) in a foreign country (a country or region outside of Japan, the same shall apply hereinafter in this article) before such provision to third parties in the relevant foreign country.1.
When providing the information to a third party in a country specified in the rules of the Personal Information Protection Commission as a foreign country that has a system for protecting personal information that is recognized as being at the same level as Japan in protecting the rights and interests of individuals.2.
When it has been ensured using an appropriate and reasonable method between us and the entity that receives the personal data that the measures in line with Chapter 4, Section 2 of the Personal Information Protection Law will be implemented regarding the handling of the personal data by the entity that receives the personal data3.
When the entity that receives the personal data is certified based on an international framework for personal information handling4.
When any of the reasons listed in the items of Article 27, Paragraph 1 of the Personal Information Protection Law applies
- ６．Requests for disclosure, correction, etc. of personal information
In accordance with laws and regulations etc., we will sincerely respond to claims and complaints of customers’ personal information, such as notify the purpose of use, respond to requests for disclosure of personal information in our possession, conduct correction, addition, deletion, suspension of use and prohibition of provision to third parties in cases which the content of the personal information in our possession is contrary to the facts, etc. (hereinafter referred to as “Disclosure, etc.”).
We will perform the Disclosure, etc. of a customer’s personal information that we hold at the request of the customer or an agent authorized by the customer.
※ Please see here for the detailed disclosure request method.
【Detailed Disclosure, etc. request method】1.
When requesting Disclosure, Etc., please first call the “Personal Information Customer Service Centre” listed below.2.
Requests for Disclosure, etc. will be accepted by mail or other means designated by us.3.
When requesting Disclosure, Etc., please apply with an official identification card (a copy of your driver’s license, passport, residence certificate, etc.) that certifies your identity.4.
We may charge the costs incurred in the disclosure process as a disclosure fee. No fee will be charged for procedures to correct, add to, or delete the content of personal data, or to discontinue the use, erase, or prohibit the provision to third parties of personal data.5.
We aim to send a response by the method designated by the customer within approximately 10 business days. However, in cases where the information is to be disclosed by mail or other means other than those specified by the customer in accordance with laws and regulations etc., the reason for such disclosure will be notified before the disclosure.6.
If the customer’s personal information disclosed by us contains an error, we will correct or delete the information depending on the situation. In that case, the disclosure fee will be refunded.（２）
However, we cannot disclose part or all of a customer’s personal information in the following cases. In this case, we will respond with the reason why we cannot make the disclosure.1.
When there is a risk of serious damage to the life, body, or property of the customer or a third party.2.
When there is a risk of seriously hindering the operation of our business.3.
When it would violate other laws and regulations, etc.（３）
If the customer’s personal information disclosed by us contains an error, we will promptly correct or delete the information.（４）
When a customer requests disclosure we may charge the costs incurred.（５）
【Personal Information Customer Service Centre】
Scroll Corporation, Customer Service Centre, Customer Personal Information Disclosure Section
Tel.: 0120-950-213 (Japan only)
Reception Hours: 9:00 am to 5:00 pm (Monday to Friday). We are closed on Saturdays, Sundays, public holidays, and the year-end and New Year holidays. )
Address: 2-24-1 Sato, Naka-ku, Hamamatsu City, Shizuoka 430-0807
Established on October 1, 2004
Final revision on March 16, 2022
Handling of marketing information (e.g., data that does not constitute personal information by itself)
- １．About use of marketing information
We use non-personally identifiable data (hereinafter referred to as “marketing information”.) for marketing activities, such as analyzing the effectiveness of advertisements, as well as to improve and enhance the services we provide and to implement sales promotions that are optimal for our users. In addition, a portion of this data may be provided to third parties such as our group companies and our business partners.
Marketing information is legally classified into (1) anonymously processed information, (2) pseudonym processed information, and (3) personally related information (cookie information, etc.), and each is not personal information by itself. We will use this marketing information after taking legal or appropriate measures.
- ２．About the use of anonymously processed information
For the purpose of our marketing activities, sales promotion measures for the products and services we provide, analysis, research and implementation thereof, and analysis, research and implementation necessary to improve our services and productivity, we will create “anonymous processed information” that is processed in an unrecoverable manner so that individual users cannot be identified, and will make it accessible to our The information may be provided to third parties such as group companies, partner companies, universities and other research institutions by uploading it to a restricted server or sending it by e-mail, etc.
The items of information about users included in anonymously processed information are as follows.
Address information to the municipality, zip code, gender, age, purchase history, etc.
- ３．About the use of pseudonym processed information
We collate with other information for our marketing activities, promotional measures for the products and services we offer, their analysis, research and implementation, and the analysis, research and implementation necessary to improve our services and productivity. Unless otherwise specified, we may create and use “pseudonym processing information” that has been processed so that the individual user cannot be identified. The creation, use and deletion of “pseudonym processed information” will be carried out appropriately in accordance with laws and regulations etc..
In addition, “pseudonym processed information” may be provided to a third party based on laws and regulations etc., and may be shared, but when we jointly use “pseudonym processed information”, it is based on laws and regulations etc.. We will announce the necessary information.
- ４．About the use of personal information
We may acquire and use “personal information” that cannot identify a specific individual for the purpose of analysis, research and implementation of marketing activities of sales promotion measures for the products and services we provide and of the improvement of our services and productivity.
We will not identify an individual by collating personal-related information provided by a third party with other information unless the person has consented in advance based on laws and regulations etc. In addition, we will confirm that the personal information provided by us will not be collated or used as personally identifiable information at the destination without the prior consent of the individual.
Access history of pages and products viewed by users such as (1) Cookies, (2) Web Beacons, (3) Access Logs (History) might be used by business partners such as information providers and service providers for the same purpose.（１）
Cookies are user access information that is exchanged between the website and the browser. Cookies are used not only for aggregating access information, but also for smooth site browsing services such as controlling the transition screen for each user and displaying previously confirmed products and services. Generally, cookies are enabled in the initial state of the browser and can be disabled arbitrarily. However, if you disable cookies, you will not be able to use some services on the website.（２）
Web beacons are a mechanism for feeding back information that a user has browsed a website or email by hiding or embedding a small image on the page or email of the website.
The information that is fed back does not have any personally identifiable information, and is generally the date and time of access, the page viewed, the IP address, device information, and so on. We may analyze access based on this information and use it to improve the content of advertisements and site pages.（３）
Access Logs (History)
An access log is a record of the details of a web server when it is requested to connect to the outside or send / receive data. Generally, the access date and time, IP address, specified URL, processing time, number of bytes sent and received, etc. are recorded. When system trouble or security problems occur, access logs may be consulted to find out more about the trouble or problem and to get clues as to the cause.
■Explanation of main ad distribution services and disabling them (Opt-out)
We may use behavioral targeted advertising services provided by the following business partners for the purpose of effective advertising distribution.
These business partners collect customers’ cookie information for the purpose of delivering advertisements only.
If you wish to disable these ad delivery service functions, please disable it at the sites of the relevant business partners below(Opt-out).
Opt-out from Rakuten Advertising
Opt-out from Yahoo! JAPAN Advertising
Opt-out of Google Advertising
Opt-out of Criteo Advertising
Opt-out of Facebook Advertising
Opt-out of Microsoft advertising
Opt-out of Line advertising
Opt-out of LINE Tag
■Main website access information collection and analysis services used by our company
Users may also opt-out of Google Analytics through an opt-out browser add-on.
Information collection and handling of information by cookies in services provided by Google
Opt-out of Google Analytics
Established on October 1, 2004
Final revision on March 16, 2022