It's still trivial to hash the full set of IPs with a salt appended.
I'd personally just collect IPs with no other details - it's not really invasive in my opinion, and saying you don't collect IPs leaves you open to being wrong when you accidentally leave the web server log enabled.
There's this odd fixation lately on IP Addresses being a very private, very scary thing to see logged, and I'm not sure why.
It's obviously information somewhat linked to you and a geographic location, so de-anonymising possibly but it's also how packets are routed back to you. I don't expect web services to treat my information as public, but I do expect them to at least have an access log privately.
I'd personally just collect IPs with no other details - it's not really invasive in my opinion, and saying you don't collect IPs leaves you open to being wrong when you accidentally leave the web server log enabled.