[jeroenhd]

All the residential IPv4 addresses have been the same for years, until I switched ISP or moved. Ever since I've lived alone that IP address 100% maps back to me as a person, and I'm not the only person in Europe living on my own. Pretending this situation doesn't exist and forms a privacy risk would be madness.

There's nothing wrong with receiving IP addresses on your website, though. You can log IP addresses and use them for detecting fraud and other kinds of abuse without requiring consent. Third parties can do the same, as long as they follow the law and as long as you clearly document what information you're sharing/making users share in your privacy policy.

You can't use personal information for tracking and ad purposes without consent, though, and you can't partner up with other companies that do it for you. It doesn't matter if you're tracking IP addresses, cookies, passive fingerprints, or some kind of supercookie; you need a legitimate reason or explicit consent to process that kind of information.