I believe all you should need to do is declare Sentry as a subprocessor and agree to our DPA. If you’re explicitly collecting email or IP you’d need to disclose that. I don’t recall off hand if you actually have to disclose what you’re sending to an individual sub processor.
Lastly, the IP we collect is the client IP. That is, we collect it on our server when the event reaches our server. That’s not really any different than declaring that you lot IP addresses of web requests except in this case Sentry (the company) has the ability to see them associated with your events as well as to draw conclusions.
I also forget off hand (I’m not at a desk) if IP on its own is considered PII. If it’s not then you don’t need to worry unless you’re sending other identifying data.
That said, it’s probably safest just to declare that you process IPs as you certainly want that information attached to the event for your own use.