there's a whole two hundred post debate around here whether ip are or aren't pii on their own, with the wast majority holding the wrong position.
there's a whole branch of gdpr that people aren't considering, which is not related to software but to your business (i.e. your mail calendar). you also need a privacy policy if you are receiving phone calls. did you know that?
there's a whole bunch of implication on how liable you are about holding unwanted personal information, including unwanted medical personal information i.e. "hi I saw your gazebo renting service, I'm organizing an event but I am unable to walk due a permanent disability and requiring a ramp is present to access your gazebo, is that so?"
there is a huge surface area for uncertainty, up and including 'best practices' that are a constantly shifting target.
edit: to clarify the calendar part: if you have a meeting with someone, that links an identity with a location. that's why it's an issue, even without considering the address book, which is another issue by itself.
THe problem is that it's a stupid question. No-one has just IP addresses, they have a mix of data. If you can combine the IP address with anything else to identify a natural person it becomes personal data.
Ip are personal data https://ec.europa.eu/info/law/law-topic/data-protection/refo...
Without conditions. Even hashing them doesn’t make them ‘irreversibly anonimized’ because the ip space is too small for hashing to be irreversible. A rainbow table can be built with all ips and use to deanonimize the ip.