(423) 549-2065Free estimate
Legal · Privacy

Privacy Policy.

Last updated: May 11, 2026

The short version

We're Palisade Roofing — a family-owned business in Jonesborough, Tennessee. Christian writes every estimate himself. We built this website to do one thing well: help homeowners in the Tri-Cities get a real, honest roof estimate without a sales pipeline grinding away in the background.

Here's the plain-English summary of what that means for your privacy:

  • We collect only what we need to call you back about a roof. Name, phone, ZIP code, and a few details about your roof. Email and street address are optional.
  • We don't sell your information. We don't share it with advertisers. We don't run retargeting ads, we don't have a newsletter, and we don't trade leads with anyone.
  • We use a small number of standard tools — Formspree to receive the form, Calendly to book a 15-minute call, Google Analytics and Microsoft Clarity to see what's working on the site, and Cloudflare to keep bots out. Each one is named below with what it sees.
  • If you tick the SMS consent box, we'll send you a confirmation text from our Palisade number. You can reply STOP at any time. We never share or sell your phone number to anyone, ever.
  • You can ask us what we have on you, or tell us to delete it. Email [email protected] or call (423) 549-2065 and we'll handle it within 45 days. No lawyers required.

The rest of this page is the longer version, written for the people who want it.

Who we are

Palisade Roofing LLC is a Tennessee limited liability company formed in 2020, brand-active since 2021, operating out of 154 Old Turnpike Rd, Jonesborough, TN 37659. We're an A+ accredited business with the Better Business Bureau (accredited since November 2023). We serve about twenty communities across the Tri-Cities — Washington, Sullivan, Greene, Carter, Hawkins, Unicoi, Hamblen, Jefferson, and Johnson counties. The business is owned and operated by Christian Chambers.

We don't have a retail location, we don't sell anything online from the marketing site, and we don't run ad campaigns. This policy covers everything we do collect through www.palisaderoofingtn.com (the canonical domain). The aliases palisaderoofing.co and our other apex variants simply redirect to www.palisaderoofingtn.com; the same policy and the same practices apply no matter which address you typed in.

What we mean by "personal information"

When we say personal information in this policy, we mean any information that identifies you or could reasonably be linked back to you — your name, phone number, email address, street address, ZIP code, IP address, and similar identifiers. We use that term throughout this policy because that's the term most U.S. state privacy laws use (including Tennessee's). Some laws (like California's) split out a stricter category called sensitive personal information — Social Security numbers, government IDs, account passwords, precise geolocation, contents of communications, racial/ethnic origin, health data, and similar. We do not collect sensitive personal information through this website at all.

Information we collect

From you, when you ask for an estimate

The free estimate form at /free-roof-estimate/ collects:

  • Your name (required)
  • Your phone number (required)
  • Your email address (optional)
  • Your ZIP code (required)
  • Your street address (optional — only if you want to give it)
  • Service type (replacement, repair, metal, or inspection)
  • Urgency level (active leak, storm damage, aging roof, or comparing quotes)
  • Whether you've checked the SMS consent box

That's the entire list. The form is submitted through a service called Formspree (form ID mbdqedgj), which forwards your submission as an email to [email protected]. We read it, and Christian gets back to you.

From you, when you book a call through Calendly

If you book a 15-minute phone consult using the Calendly widget on the estimate page, Calendly collects your name, email, phone number, and the time you picked. That booking lives in Calendly's system and is governed by Calendly's privacy notice. Worth knowing: we deliberately chose not to sync our personal calendars to Calendly, so Calendly has no visibility into our day-to-day schedules. The tradeoff is that we may occasionally have to reschedule you if two requests come in at once.

Automatically, when you visit the site

Like virtually every modern website, ours captures a small amount of standard information when you visit:

  • Pages you looked at and how long you stayed
  • Type of device, operating system, and browser you used
  • A general approximation of your location (city/region) derived from your IP address — your IP address is anonymized before it's stored
  • The website (if any) that referred you here

We use this to figure out what's working on the site (is the estimate form easy to find? are people bouncing on mobile?). We are not building a profile of you.

Server logs

The website is hosted on Cloudflare Pages. Cloudflare may log your IP address, user agent, and the time of your request as part of normal operation and basic security. These logs are short-lived and we don't actively review them.

Search-console verification

We've verified the site with Google Search Console and Bing Webmaster Tools so we can see basic indexing and search-performance information. Those tools work via a verification file or DNS record only — neither one collects personal information about visitors to our site.

SMS confirmation pipeline

If you check the SMS-consent box on the estimate form, the form submission triggers a Cloudflare Worker that calls the Twilio API, and Twilio sends you a confirmation text from our Palisade number. Twilio sees your phone number in order to deliver the message. If you didn't check the box, your phone number is never sent to Twilio — the system silently drops it from that pipeline. (See the SMS / text messaging section below for the full disclosures.)

How we use what we collect

We use it for one set of purposes:

  1. To call, text, or email you back about your roof estimate.
  2. To schedule and conduct a phone consult if you booked one.
  3. To understand which parts of our website are useful and which aren't.
  4. To prevent bots, spam, and abusive submissions.
  5. To comply with our legal obligations and defend our legal rights if it ever comes to that.

We do not use your information for targeted advertising. We don't profile you for any decisions that produce legal or similarly significant effects. We don't make automated decisions about your roof — Christian writes every estimate himself.

Email from us

When you reach out about a roof, you'll get transactional email from Christian directly (estimates, scheduling, questions, follow-ups). That kind of message — the one a customer asks for as part of doing business with us — is what the federal CAN-SPAM Act treats as a "transactional or relationship message." We don't run a marketing newsletter. We don't have a promotional email list. We don't send bulk email of any kind. If we ever changed that — which we don't plan to — we'd ask you to opt in first and we'd include a one-click unsubscribe in every message. For now, every email from [email protected] is a one-to-one reply written by a human.

Cookies and tracking technologies

A "cookie" is a small file a website stores in your browser. We use cookies for three purposes only: making the site work (security and form submission), counting visitors (analytics), and understanding usability (heatmaps and session replays with form inputs masked). We do not use advertising cookies. Here's the full list:

Cookie / tracker First or third party Purpose Retention Category
_ga First-party (Google) Distinguishes unique users for Google Analytics 4 2 years (or shorter under browser policies like Safari's ITP) Analytics
_ga_JBYN2EJ6TY First-party (Google) Session state for our specific GA4 property 2 years Analytics
_clck First-party (Microsoft Clarity) Recognizes returning Clarity users 1 year Analytics
_clsk First-party (Microsoft Clarity) Stitches page views into a single Clarity session 1 day Analytics
CLID Third-party (Microsoft Clarity) First-time Clarity identifier 1 year Analytics
ANONCHK Third-party (Microsoft Clarity) Set to 0 — Clarity does not pass MUID to ad cookies 10 minutes Analytics
MR Third-party (Microsoft) Tells Microsoft whether to refresh the MUID cookie 7 days Analytics
MUID Third-party (Microsoft) Browser identifier shared across Microsoft properties ~13 months Analytics
__cf_bm Third-party (Cloudflare) Cloudflare bot management for site security 30 minutes of inactivity Strictly necessary
cf_clearance Third-party (Cloudflare) Records that a visitor passed a security challenge Default 30 minutes (configurable 15–45 min) Strictly necessary
Formspree session cookies Third-party (Formspree) Allow the contact form to submit without abuse Session only Strictly necessary
Cloudflare Turnstile challenge cookies Third-party (Cloudflare) Invisible bot challenge on the form. Turnstile itself doesn't set tracking cookies; any cookies issued from challenges.cloudflare.com are operational. Session / short-lived Strictly necessary
Calendly cookies (set inside the Calendly iframe when you interact with it) Third-party (Calendly) Identify Calendly users, remember preferences, secure booking Governed by Calendly's cookie policy Functional

Browser-side, you can clear cookies, block third-party cookies, or send a "Do Not Track" or Global Privacy Control (GPC) signal from your browser. We honor GPC signals as opt-out requests for the sale or sharing of personal information — although, as noted, we don't sell or share personal information in the first place.

Third-party services we use

We rely on a small, deliberate set of third parties. Each one has its own privacy policy that governs what it does with the data it receives:

  • Formspree (form submission relay) — https://formspree.io/legal/privacy-policy/
  • Calendly (15-minute phone-consult bookings) — https://calendly.com/legal/privacy-notice
  • Twilio (the SMS confirmation pipeline described below) — https://www.twilio.com/en-us/legal/privacy
  • Google Analytics 4 (measurement ID G-JBYN2EJ6TY; property ID 415116234) — https://policies.google.com/privacy
  • Microsoft Clarity (project ID wmg4mzcrlr) — https://privacy.microsoft.com/privacystatement
  • Cloudflare (Pages hosting, Turnstile bot protection, edge networking) — https://www.cloudflare.com/privacypolicy/ and the Turnstile addendum at https://www.cloudflare.com/turnstile-privacy-policy/
  • Google Search Console and Bing Webmaster Tools — verification only; no visitor PII is exchanged with either.

A few configuration choices worth surfacing publicly:

  • Google Signals is disabled on our GA4 property. We are not collecting cross-device user IDs or sending data to Google's advertising platforms. No remarketing audiences are configured.
  • Microsoft Clarity is configured to mask form inputs automatically. What you type into the estimate form is redacted before any session replay is stored. Clarity is integrated with GA4 via OAuth for our reporting, but no Microsoft Ads or other ad-platform integrations are enabled.
  • Cloudflare Bot Fight Mode is off, by design, so that legitimate visitors aren't presented with extra interstitials.

SMS / text messaging

If you check the SMS-consent box on the estimate form, here is exactly what happens and what you're agreeing to:

  • Who's texting you: Palisade Roofing LLC, from a number associated with our business that we've registered with U.S. mobile carriers under the A2P 10DLC framework (registration in process at the time this policy was written; the confirmation-text pipeline goes live only after carriers approve the campaign).
  • What you'll receive: A confirmation text after you submit the form acknowledging we received your estimate request, plus follow-up texts directly from Palisade Roofing about your specific roof job. Message frequency varies — for most customers, that's a handful of messages over the course of a project.
  • Cost: Message and data rates may apply depending on your carrier and plan.
  • How to stop: Reply STOP to any text from us at any time and we'll cancel further messages. Reply HELP for help, or call us directly at (423) 549-2065.
  • Where this comes from: SMS consent is governed by the federal Telephone Consumer Protection Act (47 U.S.C. § 227). Your consent here is the "prior express written consent" the TCPA requires. (The FCC's "one-to-one consent" rule was vacated by the Eleventh Circuit in Insurance Marketing Coalition v. FCC on January 24, 2025, and the FCC formally repealed it in September 2025. The underlying consent requirement remains; we comply with the version of the rule actually in force.)
  • What we don't do: We do not share or sell your phone number or your SMS consent to any third party, lead generator, or affiliate. This is the only thing we'll text you about.

If you don't check the box, no text is ever sent and Twilio never receives your number.

How we share information

We share information only with the service providers listed in Third-party services we use above, and only to the extent they need it to do their job for us (e.g., Formspree needs your form submission in order to email it to us; Twilio needs your phone number in order to deliver the confirmation text you asked for).

We do not:

  • Sell your personal information to anyone.
  • Share your personal information for cross-context behavioral advertising. (That is the specific kind of "sharing" California's privacy law restricts, and we don't do it.)
  • Trade leads with other contractors, insurance adjusters, lead-generation services, or anyone else.
  • Send your information to ad networks, retargeting platforms, or data brokers.

If we were ever required by a valid subpoena, court order, or other legal process to disclose information, we would do so — and we'd push back on overbroad requests. If our business is ever sold (we don't plan to be), your information would be part of that transfer, and we'd notify you and update this policy before the change.

How we protect information

We're a two-person company, so our security posture is correspondingly simple — and that's intentional. There's no big customer database to breach because we don't keep one. Concretely:

  • The site is HTTPS-only and uses Cloudflare's edge for TLS termination.
  • There is no database of leads on the marketing site. Estimate submissions arrive as emails in Christian's Gmail inbox, which is protected by Google's authentication and our use of strong passwords and multi-factor authentication.
  • We use Cloudflare Turnstile and standard server-side protections to keep bots and abusive submissions out.
  • Sensitive payments are handled on a separate subdomain (pay.palisaderoofingtn.com) by GoDaddy Payments — see the next section.
  • We aim to maintain a written privacy and security program that reasonably conforms to the National Institute of Standards and Technology (NIST) Privacy Framework, as contemplated by the Tennessee Information Protection Act's affirmative-defense provision.

No system is perfect, and we don't pretend ours is. But because we don't accumulate data we don't need, there's not much of a target.

Payments are handled separately

If you pay us, payment happens at pay.palisaderoofingtn.com, which is run by GoDaddy Payments. That payment subdomain has its own privacy and security practices governed by GoDaddy. The marketing site at www.palisaderoofingtn.com does not collect, process, or store any payment card information. We never see your full card number; GoDaddy handles that. No analytics or session-replay tools from the marketing site are loaded on the payment subdomain.

Data retention

  • Estimate-form emails stay in Christian's Gmail as long as the customer relationship is reasonably active, and may remain in Gmail's archive afterward for our business records. We honor deletion requests as described below.
  • Calendly bookings are retained per Calendly's retention practices; once a consult is complete we typically delete the booking record on our end within 90 days.
  • Twilio SMS logs are retained by Twilio per their standard retention (typically 13 months for message bodies on Twilio's platform). We do not maintain a separate SMS archive.
  • Google Analytics 4 event-level data is retained for 14 months, which is the GA4 minimum option we have selected.
  • Microsoft Clarity session recordings are retained on Clarity's standard rolling schedule.
  • Cloudflare logs are retained per Cloudflare's standard log retention.

Your rights

Regardless of where you live, you can email [email protected] or call (423) 549-2065 and ask us to:

  • Tell you what personal information we have about you.
  • Correct anything that's wrong.
  • Delete what we have, subject to limited exceptions (for example, if we need to keep certain records to comply with the law or defend a legal claim).
  • Stop contacting you. Including stopping all texts (reply STOP) or removing you from any list.

We'll acknowledge your request within 10 business days and respond substantively within 45 days. If a request is unusually complex, we may extend that by another 45 days and tell you why.

Tennessee residents (TIPA)

The Tennessee Information Protection Act (TIPA) took effect July 1, 2025. TIPA gives Tennessee consumers the rights to access, correct, delete, and obtain a portable copy of their personal information, and to opt out of targeted advertising, the sale of personal information, and certain kinds of profiling.

TIPA, by its own terms, applies only to businesses that (i) exceed $25 million in annual revenue and (ii) either process the personal information of 175,000+ Tennessee consumers per year, or process the data of 25,000+ Tennessee consumers while deriving more than 50% of revenue from the sale of personal information. Palisade Roofing does not come anywhere near those thresholds, so TIPA does not strictly apply to us. We've nevertheless built this policy to give Tennessee residents the substantive rights TIPA describes — because those are the right defaults regardless of whether a small contractor is technically obligated to provide them. To exercise any of these rights, email or call us using the contact information above; if we ever deny a request, you have the right to appeal that decision by replying to our response, and we'll review the appeal within 60 days.

We also maintain a written security program based on the NIST Privacy Framework, consistent with the affirmative-defense pathway TIPA establishes for businesses that maintain such a program.

California residents (CCPA / CPRA)

If you're a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act, gives you the right to:

  • Know what personal information we've collected about you, the categories of sources, the purposes for which we use it, and the categories of third parties we share it with.
  • Delete personal information we collected from you, subject to statutory exceptions.
  • Correct inaccurate personal information.
  • Opt out of the sale or sharing of personal information for cross-context behavioral advertising. As stated above, we do not sell or share personal information for cross-context behavioral advertising, and we have no "Do Not Sell or Share" link on the site because there is nothing to opt out of. If that ever changes, we'll add the link and update this policy first.
  • Limit the use of sensitive personal information. We do not collect sensitive personal information through this site, so there is nothing to limit.
  • Not be discriminated against for exercising any of these rights.

To submit a CCPA request, email [email protected] with "California Privacy Request" in the subject line, or call (423) 549-2065. We'll verify your identity using information you've already given us (typically the name, email, and phone number associated with your estimate request) and respond within 45 days, with one possible 45-day extension if reasonably necessary. If you use an authorized agent, we may ask the agent for proof of your written permission, and we may also ask you to verify your identity directly.

California "Shine the Light" (Civil Code § 1798.83): California residents who have an established business relationship with us may request a notice describing what categories of personal information we share with third parties for those third parties' direct marketing purposes. We do not share personal information with third parties for their direct marketing purposes, so there is nothing to disclose under § 1798.83.

EU and UK residents (GDPR principles)

Palisade Roofing does not target or solicit customers in the European Union or the United Kingdom, and we are not subject to the General Data Protection Regulation. If you nevertheless happened to contact us from the EU or UK, you are welcome to ask us — using the same contact channels above — to access, correct, or delete the personal information you provided. We'll honor those requests in the same way we honor U.S. consumer requests.

Health information (HIPAA)

We are not a covered entity or business associate under the federal Health Insurance Portability and Accountability Act (HIPAA), and we do not collect health information through this website. Please don't share health details in the estimate form.

Children's privacy (COPPA)

This website is for homeowners. It is not directed to children under 13, we don't market to children, and we don't knowingly collect personal information from children under 13 in violation of the federal Children's Online Privacy Protection Act. If you're a parent or guardian and you believe your child has submitted information to us, email [email protected] and we'll delete it.

Changes to this policy

If we change this policy, we'll update the "Last updated" date at the top and post the new version here. If the change is material — for example, if we ever start running advertising campaigns, share data with new categories of third parties, or add new tracking technologies — we'll say so at the top of the page for a reasonable period after the change. We won't apply a material change retroactively to information we already collected without giving you notice and, where required, a chance to object.

Contact us

Privacy questions, requests, or complaints:

  • Email: [email protected] (subject line: "Privacy")
  • Phone: (423) 549-2065
  • Mail: Palisade Roofing LLC, 154 Old Turnpike Rd, Jonesborough, TN 37659

Christian will respond personally. There is no privacy team and there is no ticket queue — your message comes straight to the owner.

Version 1.0 — Initial publication, May 11, 2026.

📞 Call (423) 549-2065