Quite honestly, you are not competent to make that determination.
For the purposes of compliance with the GDPR, Pathview does associate individual page views with a single real IP address. From the precedent set by the CNIL ruling on Google Analytics in July, the only way for an analytics tool not to process personal data in the form of an IP address is to relay the request via a first-party proxy (and strip the referer).
Your analytics tool cannot accept HTTP requests from the users browser and be compliant with the GDPR without gaining consent. Serving an HTTP request made for the purposes of analytics is processing personal data and there's no legal basis for the processing without consent.
> The fundamental problem that prevents these measures from addressing the issue of access of data by non-European authorities is that of direct contact, via an HTTPS connection, between the individual's terminal and servers managed by Google.
> The resulting requests allow these servers to obtain the IP address of the Internet user as well as a lot of information about his terminal. This information may realistically allow the user to be re-identified and, consequently, to access his or her browsing on all sites using Google Analytics.
> Only solutions allowing to break this contact between the terminal and the server can address this issue. Beyond the case of Google Analytics, this type of solution could also make it possible to reconcile the use of other analytics tools with the GDPR rules on data transfer.
I've removed the hashed IP address. It is no longer stored and therefore cannot be processed.
As I've said multiple times, I will be consulting with a lawyer to ensure Pathview is in compliance with relevant privacy laws. You might be a lawyer (who knows), but I am definitely not.
The salted hash (of the IP address) is used for one purpose: to count unique visits.