Data protection for Zimbabwean companies, signed off by a Certified DPO.
Custodian Labs gives you a dedicated Data Protection Officer on subscription — to review, advise on and sign off on your data compliance programme — paired with our upcoming GRC platform, Custodian GRC.
- Dedicated DPO on subscription
- Reviews & sign-off on your programme
- Built around SI 155 of 2024
DPO-as-a-Service
A Data Protection Officer, on subscription.
Most Zimbabwean companies don't need a full-time DPO — but the law still expects one accountable person. We become that person, embedded into your business as a monthly service.
Regulatory mapping
We translate the Cyber & Data Protection Act and SI 155 of 2024 into concrete, auditable controls for your business.
Programme review
Your subscribed DPO reviews your policies, DPIAs, registers and breach procedures — quarterly, not once a year.
Sign-off you can show
A signed compliance statement from a qualified DPO that you can put in front of regulators, customers and your board.
Staff & exec training
Awareness training for staff and tailored briefings for executives — so accountability sits where it should.
DPO-as-a-Service pricing
Pick the level of DPO support that fits your organisation.
Every plan includes a designated Data Protection Officer and access to Custodian GRC — with a generous bank of free seats and predictable per-seat pricing as your team grows.
Starter
For SMEs and small teams (up to 25 staff)
Custodian GRC included
First 5 seats free, then $5/seat per month.
- Designated Data Protection Officer (shared)
- Annual compliance assessment against the CDP Act
- Policy templates & implementation guidance
- Email support during business hours
Business
For growing organisations (up to 250 staff)
Custodian GRC included
First 10 seats free, then $7/seat per month.
- Everything in Starter
- Quarterly compliance review and sign-off
- DPIA and processor-register support
- Quarterly staff awareness training session
- Priority email and phone support
Enterprise
For corporates and regulated industries (250+ staff)
Custodian GRC included
First 15 seats free, then $9/seat per month.
- Everything in Business
- Named, dedicated DPO
- Monthly review cycle with formal sign-off
- Full DPIA, RoPA and breach-response support
- On-site staff training and executive briefings
- Direct line for incident response
Prices in USD, billed monthly. Annual billing available on request. VAT and any applicable Zimbabwean taxes are added at invoice.
Custodian GRC — our flagship governance, risk & compliance platform.
Built for Zimbabwean organisations, Custodian GRC operationalises the Data Protection Act inside your business. We're onboarding corporates and SMEs from the waitlist in cohorts.
Included with every DPO-as-a-Service plan — with 5–15 seats free depending on tier and predictable per-seat pricing thereafter. See DPO pricing for details.
Compliance assessments
Walk through the Cyber & Data Protection Act control by control — with evidence, ownership and status tracked per requirement.
Security awareness training
Roll out staff training campaigns, track completion, and issue verifiable certificates — without leaving the platform.
AI course generation
Generate role-specific courses tailored to your sector and policies, then publish them to your team in minutes.
Policy & document hub
A single store for policies, DPIAs, processor registers and breach logs — versioned and ready for audit.
Audit log & sign-off trail
Every assessment, decision and approval is logged, so your compliance story holds up under scrutiny.
Executive reporting
Board-ready dashboards: where you stand on the Act, what is overdue, and what your DPO has signed off.
Framework library
CDP Act and SI 155 of 2024 ship pre-mapped. Add ISO 27001, NIST CSF and sector frameworks as you grow.
Certificates & attestations
Issue training certificates and DPO-signed attestations your customers and regulators can verify.
Be among the first Zimbabwean organisations on Custodian GRC.
We're onboarding a limited cohort of corporates and SMEs ahead of general availability. Foundation members get founding pricing, priority DPO time and a direct line to our product team.
- Founding-member pricing locked in for 12 months
- Quarterly review with a named DPO
- Direct input into the Custodian GRC roadmap
Reach the team directly
hello@custodianlabs.co.zwNo forms, no funnels. Send us a quick email — tell us about your company, your sector and what compliance pressure you're under — and we'll come back to you with a tailored onboarding plan within one business day.
Email us to join the waitlistOpens your email client with a short template pre-filled. Prefer a call? Ring us on +263 78 592 4976.
Frequently asked questions
Do we legally need a Data Protection Officer in Zimbabwe?+
The Cyber and Data Protection Act [Chapter 12:07] and SI 155 of 2024 require organisations that handle personal data to designate an accountable data protection focal point. For most companies, an outsourced DPO is the most efficient way to meet that obligation.
How is your DPO service different from hiring a consultant?+
A consultant audits and leaves. Your subscribed DPO stays embedded in your business, runs the programme on a regular cadence, and signs off on your compliance posture in their own name.
When does Custodian GRC launch?+
We are onboarding the foundation cohort now. Waitlist members are invited in waves so we can support each organisation properly through onboarding.
Is Custodian GRC included in the DPO subscription?+
Yes. Every DPO-as-a-Service tier includes Custodian GRC access — 5 free seats on Starter, 10 on Business and 15 on Enterprise. Additional seats are charged at $5, $7 and $9 per seat per month respectively.
Where is our data hosted?+
Custodian GRC is built for the Zimbabwean regulatory environment. We can discuss in-region and on-premise deployment options for enterprise customers.