Wrong
An email address is unique to a person. "It's still personal data even if you can't find out who is the person behind it," Grooten added.
This is bollocks. I suspect the quotee is getting confused by the notion of a pseudo-anonymous key, such recording a user's identity with a serial number. If the organisation can de-anonymise it by looking up Sir Arthur Streeb-Greebling of 23, Acacia Gardens in another table or database, then the record with the serial number is considered PII. If the ID number is entirely random and there's no way to lookup the number and find the human identity it relates to, it's not PII for the purposes of GDPR.
Biting the hand that feeds IT
