No, it is not.
It uses google fonts and google fonts to track people. That’s why it is not compatible with GDPR.
For this reason, I would suggest avoiding Google ReCaptcha.
Just use alternatives.
For example, I use a honeypot field for all of my sites or client sites.
I use the WP Armour plugin with literally any other form plugin.
Honeypot is a fake field hidden empty field. You need to have it on your form or login wherever you want to protect it and you need to have WP Armour or a similar plugin for detecting the bots.
By the way if you are a developer it is really easy to write a fake field on form and write a small script to detect bots. So just write your own form and script it is faster and cleaner. Less plugin is always better 😉
With WP Armour and Honeypot field detecting bots is very easy. Honest I think even more effective than captcha. People hate chapcha and sometimes you lose traffic because of it. But honeypot fields are golden hidden and very clean people don’t even notice there is spam detection.
The bots are dumb so they don’t know what field is real or not. They fill in the fake field and the plugin detects the bot and blocks that form submission. Easy.
STOP USING GOOGLE CAPTCHA!