I was under the impression that this is the exact kind of thing that violates the GDPR. That is.. processing an identifier (IP address) to do something more (track user actions across multiple requests) than what is required (route traffic to the server).
No comments yet.