The device fingerprint is calculated using several technical parameters sent by the client, like the IP, the default language, the screen size, etc. and may also include data gathered with some "tricks" involving HTML canvas, etc. Normally people will not consider this to be "personal information", however the GDPR (European law on privacy) says that personal data is any data that can be used to identify you, even indirectly.
Here's a few relevant quotes from the GDPR:
Article 4 (1): [...] ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, [...]
Recital 26: [...] To determine whether a natural person is identifiable, account should be taken of all the means reasonably likely to be used, such as singling out, either by the controller or by another person to identify the natural person directly or indirectly. To ascertain whether means are reasonably likely to be used to identify the natural person, account should be taken of all objective factors, such as the costs of and the amount of time required for identification, taking into consideration the available technology at the time of the processing and technological developments. [...]
Recital 30: [...] Natural persons may be associated with online identifiers provided by their devices, applications, tools and protocols, such as internet protocol addresses, cookie identifiers or other identifiers such as radio frequency identification tags. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them. [...]
So a device fingerprint is a piece of data that can be used to identify you indirectly. By definition, it does not contain personal data like your name or your phone number, but only technical information about your client (which on the web is your browser). The fingerprint alone won't identify you, it's just technical data.
Let's suppose YouTube uses fingerprinting. And for some reasons I actually suspect it does, but I'm not sure anyway. You watch some videos while logged in with your account, John Doe. Then you log out, clear the cache, turn off the computer, and go to bed. The next day you go to YouTube, you don't log it, and you will expect YouTube won't recognize you. But you are using the same browser, sending the same user agent, with the same viewport size, same language, same "whatever" coming from whatever trick can be done with HTML/JS/CSS. Plus, you are even watching videos at the usual time, clicking on stuff the same way as usual, searching stuff using your usual keywords... YouTube says: "Guess what, I'm pretty sure this is our friend John Doe. Let's try to suggest some videos that we know John Doe likes".
I hope the concept is clear. The fingerprint alone is pretty useless. It may become valuable once it gets liked to other data: at that point it can be used to identify you, or track you on the same site or cross-site. It's like a cookie that is hard to delete, and is not very reliable (lots of people may share the same fingerprint). Like a cookie, alone, it doesn't mean anything, it's just a random string, but it becomes useful once it's linked to other data for a purpose.