PWS (PhytoWorks Web Service) Privacy Policy
This Privacy Policy is applicable during the beta Service period. The Service details and policies may change upon official launch. Any changes shall be communicated in advance through in-Service notices and email.
Version: v1.0-beta
Effective Date: March 27, 2026
Last Revised: March 27, 2026
PhytoWorks Inc. (hereinafter referred to as the "Company") hereby establishes and discloses the following Privacy Policy to protect Users' personal information and to facilitate the smooth resolution of related grievances in connection with the operation of PWS (PhytoWorks Web Service, hereinafter referred to as the "Service"), in accordance with applicable laws and regulations including the Personal Information Protection Act (PIPA) and the Act on Promotion of Information and Communications Network Utilization and Information Protection.
[EN] This Privacy Policy is provided in Korean (legally binding) and English (for reference). In case of any discrepancy, the Korean version shall prevail.
Article 1 (Purposes and Legal Bases for Processing Personal Information)
The Company processes personal information for the following purposes. Personal information so processed shall not be used for any purpose other than those stated below. In the event that the purpose of processing changes, the Company shall take necessary measures, including obtaining separate consent.
| Purpose | Details | Legal Basis |
|---|---|---|
| Member Management | Member registration and identity verification, Service eligibility verification, prevention of fraudulent use, security | Performance of contract |
| Service Provision | Use of the PWS platform — data management, AI analysis, IoT integration, file storage | Performance of contract |
| AI Service Provision | AI model inference for data analysis and interpretation | Performance of contract |
| Customer Support | Inquiry handling, delivery of notices, Service-related communications | Performance of contract / Legitimate interest |
| Security and Auditing | Access logs, security event recording, abnormal access detection | Legal obligation (Protection of Communications Secrets Act) / Legitimate interest |
| Service Improvement | Usage statistics, Service quality analysis, development of new features | Legitimate interest |
| Marketing (separate consent) | Service announcements, event information | Consent |
Article 2 (Categories of Personal Information Processed)
Items Essential for Performance of Contract (No Separate Consent Required)
The following items are essential for the performance of the contract to provide the Service and may be processed without consent where unavoidable for the conclusion and performance of a contract, pursuant to the Personal Information Protection Act.
| Item | Time of Collection | Method of Collection | Purpose | Legal Basis |
|---|---|---|---|---|
| Email address | Upon registration | User input | Account identification, login, notifications | Performance of contract |
| Password (stored with one-way encryption) | Upon registration/change | User input | Login authentication | Performance of contract |
| Email OTP code | Upon authentication | Automatically generated | Identity verification (single-use, destroyed after authentication) | Performance of contract |
| Session token | Upon login | Automatically generated | Authentication maintenance | Performance of contract |
| 2FA TOTP secret | Upon 2FA setup | User configuration | Two-factor authentication (when enabled) | Performance of contract |
Automatically Collected Items (Legal Obligation / Legitimate Interest)
| Item | Time of Collection | Method of Collection | Purpose | Legal Basis |
|---|---|---|---|---|
| IP address | Upon login/use | Automatic collection | Security audit, abnormal access detection | Legal obligation / Legitimate interest |
| Browser/device information (User-Agent) | Upon login/use | Automatic collection | Security audit, connected device display | Legitimate interest |
| Login date and time | Upon login | Automatic collection | Security audit | Legal obligation |
Optionally Collected Items (Consent by User Input)
| Item | Time of Collection | Method of Collection | Purpose | Legal Basis |
|---|---|---|---|---|
| Name | Upon registration/modification | User input | Display name, identification within team | Consent (voluntarily provided by User) |
| Profile image | Upon modification | User upload | Profile display | Consent |
| Detailed profile (last name, first name, phone number, bio) | Upon modification | User input | Personalization, team communication | Consent |
| Preferences (time zone, language, theme) | During use | User configuration/automatic | UX optimization | Legitimate interest |
Workspace (Organization) Operations
| Item | Time of Collection | Method of Collection | Purpose | Legal Basis |
|---|---|---|---|---|
| Invitation email address | Upon team member invitation | Administrator input | Sending Workspace invitation | Performance of contract |
| Billing email (billingEmail) | Upon Workspace configuration | Administrator input | Billing/tax invoice contact | Performance of contract |
When Using AI Services
| Item | Time of Collection | Method of Collection | Purpose | Legal Basis |
|---|---|---|---|---|
| Chat messages | During AI Service use | User input | AI analysis | Performance of contract |
| Images | During AI Service use | User upload | Multimodal AI analysis | Performance of contract |
| AI analysis results | Upon processing completion | Automatically generated | Delivery of results and history management | Performance of contract |
Consent-Based Collection (Marketing and Analytics)
| Item | Time of Collection | Method of Collection | Purpose | Legal Basis |
|---|---|---|---|---|
| Marketing consent status | Upon registration/configuration | User selection | Service announcements, event information | Consent |
| GA4 cookie data | Upon landing page visit | Cookies (consent-based) | Visitor statistics analysis | Consent |
Article 3 (Processing and Retention Periods of Personal Information)
The Company processes and retains personal information for the retention period prescribed by applicable laws or the period for which consent has been obtained from the User.
| Item | Retention Period | Legal Basis |
|---|---|---|
| Member information (email, name, etc.) | Destroyed within 30 days after withdrawal | Personal Information Protection Act |
| Records related to display and advertising | 6 months | Act on Consumer Protection in Electronic Commerce, Article 6 |
| Records of contracts and subscription withdrawal | 5 years | Act on Consumer Protection in Electronic Commerce, Article 6 |
| Records of payment and supply of goods, etc. | 5 years | Act on Consumer Protection in Electronic Commerce, Article 6 |
| Records of consumer complaints and dispute resolution | 3 years | Act on Consumer Protection in Electronic Commerce, Article 6 |
| Audit logs (access records) | 3 years | Internal policy |
| AI conversation history | 1 year | Internal policy |
| Access logs (IP, browser) | 3 months | Internal security policy |
Data Processing Upon Termination of Service Agreement
| Category | Processing Method | Period |
|---|---|---|
| Personal information (email, name, profile, etc.) | Destruction | Within 30 days of account deletion |
| User Data (uploaded files, AI outputs, etc.) | Export period provided, then destruction | 30 days for export after termination, destruction within 90 days thereafter |
| Backups | Automatic destruction | Within 90 days of original data destruction |
| Workspace member data upon Workspace termination | Managed by Workspace administrator; processed per above periods if no administrator | Within 30 days of Workspace termination |
Long-Term Inactive Accounts
The Company may operate a separate dormancy policy for long-term inactive accounts. Users shall be notified in advance prior to the implementation of such policy.
Article 4 (Provision of Personal Information to Third Parties)
The Company shall not, in principle, provide Users' personal information to third parties. However, the following cases shall constitute exceptions:
- Where the User has given prior consent
- Where required by provisions of applicable laws, or where a request is made by an investigative authority in accordance with the procedures and methods prescribed by law for investigative purposes
Article 5 (Entrustment of Personal Information Processing)
The Company entrusts the processing of personal information as follows for the provision of the Service.
| Trustee | Entrusted Tasks | Items Processed | Retention Period | Contact |
|---|---|---|---|---|
| Google LLC (Vertex AI) | AI model inference | Chat messages, images, tool history | Pursuant to Google Cloud DPA and service terms. API data not used for training by default | privacy.google.com |
| OpenAI, Inc. | AI model inference | Chat messages, images | In accordance with OpenAI API Terms of Use and DPA (API data not used for training by default) | privacy@openai.com |
| Amazon Web Services, Inc. (S3) | File storage (images, documents, avatars) | Uploaded files, profile images | Duration of Service use (Seoul Region ap-northeast-2, AES-256 encryption) | aws.amazon.com/privacy |
| Vercel Inc. | Web hosting, serverless functions, performance analytics | Serverless function execution data, visitor statistics | In accordance with Vercel DPA | vercel.com/legal/privacy-policy |
| Resend, Inc. | Email delivery (OTP authentication, invitations) | Email address, OTP code, invitation information | Pursuant to Resend DPA | resend.com/legal/privacy-policy |
When entering into entrustment contracts, the Company specifies and supervises provisions in the contract regarding prohibition of processing beyond the scope of the entrusted tasks, technical and administrative protective measures, restrictions on re-entrustment, and liability for damages, in accordance with the Personal Information Protection Act.
Article 6 (Cross-Border Transfer of Personal Information)
The Company transfers personal information overseas as follows for the provision of the Service.
Cross-Border Transfer Details
| Recipient | Country | Items Transferred | Purpose of Transfer | Timing and Method of Transfer | Retention Period | Contact | Legal Basis | Protective Measures |
|---|---|---|---|---|---|---|---|---|
| Google LLC (Vertex AI) | United States (GCP region configurable) | Chat messages, images, AI tool history, system prompts | AI model inference (AI data analysis) | Encrypted transmission via API upon use of AI Service | Pursuant to Google Cloud DPA and service terms. API data not used for training by default | privacy.google.com | Essential for performance of contract (PIPA Article 28-8(1)(ii)) | Google Cloud DPA, EU-US DPF certification, SOC 2 Type II |
| OpenAI, Inc. | United States | Chat messages, images | AI model inference | Encrypted transmission via API upon use of AI Service | In accordance with OpenAI API Terms of Use and DPA. API data is not used for training by default | privacy@openai.com | Essential for performance of contract | OpenAI DPA, SOC 2 Type II |
| Google LLC (Analytics) | United States | Cookie ID, page views, events | Landing page (phyto-works.com) visit analysis | Cookie-based automatic collection upon landing page visit (consent-based) | In accordance with Google policies (up to 26 months) | privacy.google.com | Consent | Google DPA, EU-US DPF certification |
| Vercel Inc. | United States (CDN: Global) | Serverless function execution data, visitor statistics | Web hosting, performance analytics | Automatic transmission upon Service access | In accordance with Vercel DPA | vercel.com/legal/privacy-policy | Essential for performance of contract | Vercel DPA, EU-US DPF certification |
| Resend, Inc. | United States | Email address, OTP code, inviter name, organization name | Email delivery (authentication, invitations) | Transmission via API upon email dispatch | Pursuant to Resend DPA | resend.com | Essential for performance of contract | Resend DPA |
Method of Refusal and Consequences of Refusal
| Service | Refusal Possible | Method of Refusal | Consequences of Refusal |
|---|---|---|---|
| Vertex AI / OpenAI | Yes | Do not use AI Services | AI analysis features unavailable (other Services remain accessible) |
| Google Analytics | Yes | Block cookies in browser or use Google-provided Opt-out browser extension | Excluded from visit analysis (no impact on Service use) |
| Vercel | Not possible (essential for Service operation) | — | — |
| Resend | Not possible (essential for email authentication) | — | Unable to register or log in |
Article 7 (Processing of Personal Information in Relation to AI Services)
Purpose of AI Processing
The Company transmits chat messages entered and images uploaded by Users to AI models for processing for the purpose of data analysis, interpretation, and similar functions.
Non-Use for AI Training
The external AI service providers utilized by the Company (Google Vertex AI, OpenAI, etc.) operate under the applicable business/API terms and data processing addenda (DPA). User Data shall not be used for AI model training or fine-tuning unless the User separately opts in or provides specific instruction to do so.
Processing of Pseudonymized Information
Pursuant to Article 28-2 of the Personal Information Protection Act, the Company may pseudonymize and utilize User Data for the purposes of Service improvement and scientific research.
- Prohibition of Re-identification: The Company shall not attempt to re-identify pseudonymized information (PIPA Article 28-5).
- Security Measures: Pseudonymized information shall be managed under security measures prescribed by the Personal Information Protection Act.
- Purpose Limitation: Such information shall be utilized solely for the purposes of Service quality improvement, usage statistics analysis, and scientific research.
- Retention Period: Pseudonymized information shall be destroyed without delay upon achievement of the purpose of use, and shall not be retained for more than 3 years.
- Right to Request Suspension of Processing: Users may request the suspension of processing of pseudonymized information. However, pursuant to Article 37, Paragraph 2 of the Personal Information Protection Act, the right to request suspension of processing may be restricted with respect to pseudonymized information processed for statistical purposes and scientific research.
Use of Anonymous Information (De-identified Aggregates)
The Company may utilize fully aggregated statistical data (anonymous information) that cannot identify individuals for the purposes of Service quality analysis and research. Anonymous information does not constitute personal information and is not subject to the Personal Information Protection Act (PIPA Article 58-2).
Automated Decision-Making
The AI Service generates automated analysis results based on data entered by Users. Users may, to the extent recognized by applicable laws, request refusal of, explanation regarding, or human review of automated decisions.
Key information used in automated decisions:
- Types of personal information provided for AI analysis: chat messages, uploaded images, Workspace context
- Relationship with analysis results: automated generation of data analysis, interpretation, and suggestions based on input data
Method and procedure for requests:
- Contact: support@phyto-works.com
- Upon request, the Company shall provide an explanation of the basis for the relevant decision or the results of a human review within 10 days.
Article 8 (Destruction of Personal Information)
- The Company shall destroy personal information without delay when the retention period has expired or the purpose of processing has been achieved.
- The procedures and methods of destruction are as follows:
- Destruction procedure: Expiration of retention period → Confirmation of grounds for destruction → Approval by Personal Information Protection Officer → Execution of destruction
- Electronic files: Permanent deletion by irreversible methods
- Paper documents: Shredding or incineration
- Notwithstanding the foregoing, where retention is required under other applicable laws, such information shall be stored separately for the applicable period.
Article 9 (Rights and Obligations of Data Subjects and Methods of Exercise)
Users (data subjects) may exercise the following rights with respect to the Company:
- Right to Access Personal Information: Users may request access to their personal information processed by the Company.
- Right to Rectification and Erasure: Users may request the rectification or erasure of personal information that is inaccurate or unnecessary.
- Right to Suspend Processing: Users may request the suspension of processing of their personal information.
- Right to Withdraw Consent: Users may withdraw consent previously given for the collection and use of personal information.
- Right to Refuse Automated Decision-Making: To the extent recognized by applicable laws, Users may refuse, request explanation regarding, or request human review of automated decision-making by the AI Service.
- Right to Data Portability: To the extent applicable laws so provide, Users may request the transfer of their personal information to another personal information processor. Separately, Users may directly download their User Data through the data export function within the Service.
Methods of Exercise
- Email: support@phyto-works.com
- In-Service Settings: Users may directly modify or delete information through the account settings page
- The Company shall take action within 10 days of receiving the User's request. In the event of delay, the Company shall notify the User of the reasons therefor.
- Where rights are exercised through an authorized representative, a power of attorney shall be submitted.
Article 10 (Measures to Ensure Security)
The Company takes the following measures to ensure the security of personal information:
| Measure | Details |
|---|---|
| Password protection | One-way encryption (hash) storage |
| Transmission security | TLS (HTTPS) applied |
| Stored data protection | Server-side encryption for file storage, encrypted management of environment variables |
| Authentication security | Token-based authentication, automatic expiration and renewal, detection and blocking of abnormal access |
| Access control | Role-based access control (RBAC), principle of least privilege |
| Web security | Security response headers applied, CSRF protection, rate limiting |
| Log management | Access record retention, automatic masking of sensitive information |
The details of security implementation may change depending on the operating environment. The Company shall continuously improve the level of protection in response to technological advancements and changes in security threats.
Article 11 (Installation, Operation, and Rejection of Automatic Data Collection Devices)
Essential Cookies (Required for Service Operation)
These cookies are essential for Service authentication and security. Rejection of these cookies may restrict the use of the Service.
| Cookie Name | Purpose | Retention Period |
|---|---|---|
pws.session_token | Login session authentication | 7 days |
better-auth.session_data | Session cache | 5 minutes |
pws.csrf | CSRF protection | Upon session termination |
Functional Cookies (User Preference Settings)
These cookies are used to enhance usability of the Service.
| Cookie Name | Purpose | Retention Period |
|---|---|---|
pws-theme | Theme setting (dark/light) | 1 year |
pws-locale | Language setting | 1 year |
pws-timezone | Time zone setting | 1 year |
pws-sidebar-collapsed | Sidebar state | 1 year |
pws-sidebar-width | Sidebar width | 1 year |
Analytics Cookies (Consent-Based, Landing Page Only)
The following cookies are collected with the User's consent. Refusal of consent shall not affect the use of the Service.
| Cookie Name | Service | Retention Period |
|---|---|---|
_ga | Google Analytics 4 | 2 years |
_ga_<ID> | Google Analytics 4 | 2 years |
Cookie Management
- Users may reject the storage of cookies through their web browser settings.
- Rejection of essential cookies may result in restrictions on the use of the Service.
- Analytics cookies (Google Analytics 4) are applied only to the phyto-works.com landing page and are not used in the Service console (Console, Phenos, etc.).
Vercel Analytics / Speed Insights (All Web Applications)
Vercel Analytics and Speed Insights are cookie-free aggregation-based tools that operate across all web applications (Console, Admin, Auth, Landing). Items collected: page views (URL, referrer, query params), visitor country/region (request-based hash, IP not retained), browser/OS, Core Web Vitals (LCP, FID, CLS, TTFB, INP). The Company operates a separate redaction policy to ensure that personal information is not included in URLs and events.
Web Storage (localStorage)
The Service uses browser web storage for the purpose of maintaining authentication state and synchronizing across tabs. Items stored in web storage may change depending on the operating environment.
Article 11-2 (Data Collected Through Google APIs)
The Company collects the following information when Users link their Google accounts through Google OAuth 2.0.
Collection Scope (OAuth Scopes)
| Scope | Data Collected | Purpose | Retention Period |
|---|---|---|---|
openid | Authentication token | Google account login | Destroyed upon session termination |
email | Email address | Account identification, login | Within 30 days of account deletion |
profile | Name, profile image | Profile display | Within 30 days of account deletion |
Restrictions on Google User Data Usage
The Company shall comply with the following regarding data obtained through Google APIs (hereinafter "Google User Data"):
- Google User Data shall be used solely for the purpose of providing and improving Service features offered to Users.
- Google User Data shall not be used for advertising, sale to third parties, general market research, AI/ML model training, or any other purposes unrelated to Service features.
- Disclosure of Google User Data to third parties is limited to: (a) processors necessary for Service provision, (b) with the User's explicit consent, or (c) to comply with legal obligations.
- Users may disconnect their Google account at any time, and upon disconnection, Google User Data shall be destroyed within 30 days.
- For further details, the Company complies with the Google API Services User Data Policy.
Exclusion from Pseudonymization Processing
The pseudonymization provisions of Article 7 (Pseudonymized Information Processing) shall not apply to Google User Data. Google User Data shall be processed solely in accordance with the usage restrictions set forth above.
Article 12 (Personal Information of Children Under 14 Years of Age)
- The Company does not provide the Service to children under 14 years of age and does not collect personal information from children under 14 years of age.
- Users must be at least the minimum age prescribed by the laws of their respective country or region (South Korea: 14 years of age, EU: 13 to 16 years of age depending on Member State law, United States: 13 years of age).
- If the Company becomes aware that personal information of a child under 14 years of age has been collected, the Company shall destroy such information without delay.
- Users of an age requiring legal guardian consent must obtain the consent of their legal guardian. Legal guardians may request access to, rectification of, erasure of, or suspension of processing of the child's personal information.
Article 13 (Personal Information Protection Officer)
The Company designates the following Personal Information Protection Officer who shall be responsible for overseeing all matters related to the processing of personal information:
| Item | Details |
|---|---|
| Name | Taeksung Lee (이택성) |
| Title | Chief Executive Officer (concurrently serving as CPO) |
| Phone | 010-4286-4863 |
| support@phyto-works.com |
For inquiries, complaints, or remedies for damages relating to the processing of personal information, please contact the officer designated above.
Article 14 (Remedies for Infringement of Rights)
Users may seek consultation or file reports with the following organizations for remedies for damages resulting from infringement of personal information:
| Agency | Contact | Website |
|---|---|---|
| Personal Information Protection Commission (PIPC) | 02-2100-3025 | pipc.go.kr |
| Personal Information Infringement Report Center (KISA) | 118 (no area code) | privacy.kisa.or.kr |
| Personal Information Dispute Mediation Committee | 1833-6972 | kopico.go.kr |
| Supreme Prosecutors' Office Cybercrime Division | 1301 | spo.go.kr |
| National Police Agency Cybercrime Bureau | 182 | ecrm.police.go.kr |
Article 15 (Amendments to This Policy)
- This Privacy Policy shall be effective as of March 27, 2026.
- In the event of amendments to this Privacy Policy, the changes shall be announced within the Service or on the website at least 7 days prior to their effective date.
- In the event of changes disadvantageous to Users, notice shall be given at least 30 days prior to the effective date, and individual notifications shall be sent via electronic means such as email.
- In the event of a transition from beta Service to official Service, this Privacy Policy may be comprehensively revised. The revised Privacy Policy shall be communicated through in-Service notices and email upon official launch, and the User's consent shall be obtained.
- Previous versions of this Privacy Policy may be accessed on the Company's website.
Notice for EU/EEA Users (GDPR)
Where Article 3(2) of the GDPR applies, the following additional information is provided to Users residing in the EU/EEA.
Legal Bases for Processing
| Processing Activity | Legal Basis | GDPR Provision |
|---|---|---|
| Account creation, email OTP | Performance of contract | Art. 6(1)(b) |
| AI analysis | Performance of contract | Art. 6(1)(b) |
| IP/User-Agent logging | Legitimate interest | Art. 6(1)(f) |
| Security logs | Legal obligation | Art. 6(1)(c) |
| Google Analytics | Consent | Art. 6(1)(a) |
| Marketing emails | Consent | Art. 6(1)(a) |
Additional Rights of EU Users
- Right to Data Portability (Art. 20): The right to receive one's data in a structured, machine-readable format (JSON, CSV)
- Right to Restriction of Processing (Art. 18): The right to request the restriction of processing under certain circumstances
- Right to Object to Profiling (Art. 22): The right to refuse AI-based automated decision-making and to request human intervention
- Right to Lodge a Complaint with a Supervisory Authority: The right to file a complaint with the data protection supervisory authority of the EU/EEA Member State of residence (e.g., Irish DPC — dataprotection.ie)
Methods of Exercising Rights
- Contact: support@phyto-works.com
- Processing Period: Within 1 month of receipt of the request (may be extended by 2 months for complex requests; reasons for extension shall be communicated)
- Identity Verification: Identity verification procedures may be required when exercising rights
- Authorized Representative: Rights may be exercised through an authorized representative upon submission of a power of attorney
International Data Transfers
Data transfers from the EU/EEA are protected by the following appropriate safeguards:
| Recipient | Country of Transfer | Transfer Basis |
|---|---|---|
| PhytoWorks Inc. (the Company) | Republic of Korea | EU Adequacy Decision (2022/254) |
| Google LLC | United States | EU-US Data Privacy Framework certification |
| Vercel Inc. | United States | EU-US Data Privacy Framework certification |
| Resend, Inc. | United States | Standard Contractual Clauses (SCCs) |
| OpenAI, Inc. | United States | Standard Contractual Clauses (SCCs) |
EU Representative (Art. 27)
The Company does not currently actively target Users located in the EU/EEA and is reviewing the applicability of the obligation to designate an EU Representative under Article 27 of the GDPR. For EU/EEA-related inquiries, please contact support@phyto-works.com.
Notice for California Residents (CCPA/CPRA)
Regardless of whether the CCPA/CPRA applicability thresholds are met, the Company voluntarily provides the following information for the privacy protection of Users residing in California.
Categories of Personal Information Collected
Identifiers (email), internet activity information (access logs), inference information (AI analysis results)
Sale and Sharing of Personal Information
The Company does not sell or share Users' personal information as those terms are defined under the CCPA/CPRA.
Rights of California Residents
- Right to Know: Users may request information regarding the categories, sources, purposes, and third-party disclosures of personal information collected over the preceding 12 months.
- Right to Delete: Users may request the deletion of their personal information held by the Company.
- Right to Correct: Users may request the correction of inaccurate personal information.
- Right to Opt-Out of Sale/Sharing: The Company does not sell or share personal information as defined under the CCPA/CPRA; therefore, this right is not applicable.
- Right to Non-Discrimination: The Company shall not discriminate against Users in the provision of the Service on account of the exercise of their rights.
Methods of Exercising Rights
- Contact: support@phyto-works.com
- Processing Period: Within 45 days of receipt of the request (may be extended by an additional 45 days for complex requests; reasons for extension shall be communicated)
- Identity Verification: Identity verification procedures through account email or similar means shall be required when exercising rights
- Authorized Representative: Rights may be exercised through a representative with a written power of attorney or an agent registered with the California Secretary of State
PhytoWorks Inc. (주식회사 파이토웍스)
Chief Executive Officer: Taeksung Lee (이택성)
Address: Room 230, Marine Bio Industry Support Center, Gangneung Science & Industry Promotion Agency, 641-22 Saimdang-ro, Gangneung-si, Gangwon Special Self-Governing Province, Republic of Korea (강원특별자치도 강릉시 사임당로 641-22, 230호 (대전동, 강릉과학산업진흥원 해양바이오산업지원센터))
Business Registration Number: 638-87-03540
Phone: 010-4286-4863
Email: support@phyto-works.com