Even with all that, the IP address itself still doesn't represent a person in the hands of that dating site.
An ISP can identify which IP address has been assigned to your phone, at what time, on what tower and exactly what points in time that IP addressed changed. It can also associate the device itself with the IP address.
An IP address on a cable modem can be associated with a particular account for a house or a business office, but even it can't positively identify the person in the house or at the business who was using it to connect to a particular website.
And yes, as you said, anybody can create a fake profile. A coworker could create a fake profile on a dating site of you if they wanted to and that IP address still doesn't positively identify you.
The name, address, photo...all of that is absolutely PII and covered by GDPR.
The IP address isn't and is also used for legitimate security purposes. People trying to get them scrubbed under GDPR are overreaching on a piece of data they have no right to have scrubbed.
An ISP can identify which IP address has been assigned to your phone, at what time, on what tower and exactly what points in time that IP addressed changed. It can also associate the device itself with the IP address.
An IP address on a cable modem can be associated with a particular account for a house or a business office, but even it can't positively identify the person in the house or at the business who was using it to connect to a particular website.
And yes, as you said, anybody can create a fake profile. A coworker could create a fake profile on a dating site of you if they wanted to and that IP address still doesn't positively identify you.
The name, address, photo...all of that is absolutely PII and covered by GDPR.
The IP address isn't and is also used for legitimate security purposes. People trying to get them scrubbed under GDPR are overreaching on a piece of data they have no right to have scrubbed.