What is or isn't PII, which is a US legal term, is irrelevant.
What matters is if it's Personal Data.
Personal Data is defined by the GDPR as:
"‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person".
I would say a tracking ID falls under "an identification number [or] online identifier"...
But to the rest of your post: I don't think so. I think there an identification number is something like a government-issued ID number.
An online identifier would have to identify you (e.g. my Hacker News username is probably identifiable).
The way I think of it is if someone who isn't authorised to know who I am can look in a system at the number and then go off and correlate that info to find me without further reference to other data in said system.
A database ID doesn't count, because you'd then need to look up something actually identifiable in the system to figure out who I am; neither does an opaque tracking number.
My social security number is identifiable; my email address may be identifiable; if I gave birth in region X to octuplets, then that probably is too.