It is not.
They are. (Edit: they most probably are, in my opinion)
As for any other data transfer. It's not a "workaround". The visit to the website, because of how it was built/configured, did produce that transfer
And the IP address. And as the IP may identify an individual, that information and all linked information (so, the certificate for example) are personal data. (Edit: they most probably are, in my opinion)
Edit: to clarify, I am NOT a lawyer, and I am speaking here only as an individual, and this is my personal opinion.