Stephen Alaekwe & Co (SAC, domain: headspace.ng) positions itself as a Nigerian data protection, compliance, and digital trust service provider. Its website explicitly describes the company as an NDPC-licensed DPCO, offering services such as privacy consulting, annual compliance audits and NDPC filing, DPIA, the DTEF digital trust framework, and CDPO certification training. It is closer to a compliance consulting/audit firm than to a technical security product such as a firewall, EDR, or SOC platform.
Its core services are built around the NDPA 2023 and NDPC regulatory requirements. SAC can assist with DCPMI registration, annual filings, privacy policies and data protection toolkits, DPO-as-a-Service, data subject rights management, and consent and privacy notice frameworks. Its audit services cover NDPA gap analysis, remediation roadmaps, RoPA, third-party processor reviews, and audit report submission. The DPIA offering emphasizes identification of high-risk processing, necessity and proportionality assessments, mitigation measures, and DPO sign-off. Its digital trust services include ISACA DTEF implementation, GRC frameworks, information security policy reviews, cybersecurity consulting, digital resilience planning, and independent IS audits.
Public pricing information is limited. The CDPO certification course is listed for April 13โ17, 2026, with a fee of โฆ300,000, and mentions both Virtual Zoom and Abuja options. Other consulting, audit, DPIA, and managed DPO services do not publish pricing and require direct contact for a proposal. The Pricing Plan page shows โฆ0/month along with disk space and NVMe SSD details, which appears to be template content or pricing for non-compliance services and should not be treated as a primary reference. For a medium-sized organization starting from scratch, a basic compliance project would typically take 4โ8 weeks.
The main strengths are strong alignment with local regulation, NDPC licensing, references to IIM training certification and ISACA DTEF facilitator status, and a service chain covering consulting, audits, filings, training, and ongoing monitoring. The FAQ provides relatively specific explanations of overdue CAR, DPIA triggers, and annual filing obligations. The drawbacks are the lack of detailed service SLAs, project examples, online platform capabilities, API integrations, and pricing for most services. Its security capabilities lean more toward governance and audit, so it cannot replace actual security protection tools.
SAC is suitable for companies, government bodies, financial institutions, healthcare organizations, and other entities operating in Nigeria or processing the personal data of Nigerian residents, especially those needing DPO or compliance team capability building. The source content does not provide information on access from China, and payment methods are not disclosed. For Chinese companies with Nigerian operations, it can be considered as a candidate local NDPC compliance partner, while also being compared with international GRC/privacy management platforms or other local DPCOs.
โ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on headspace.ng official site.
headspace.ng is an Nigeria Cybersecurity provider. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility score of Limited (proxy recommended). Click "Visit Official Site" to reach headspace.ng directly.