The timeworn advice is: "TLS for data on the fly, GPG for data at rest". With suitably updated TLS/SSL libraries and configurations, and good GPG keys, this is still sound advice.

The big question in my mind is always "Does the server need to be able to decrypt that data?" If the server has the decryption keys, the attacker can probably steal them along with the encrypted data. I store GPG-encrypted data on servers where they only have the public key; retrieving the data involves grabbing the encrypted data from the server and decrypting it somewhere else that has the private key available. (This is a handy trick for web forms that collect sensitive data: serialise it and GPG-encrypt it immediately, then you can happily send the encrypted blob via non-100%-reliable email, and have the local encrypted blob available if the email copy fails to arrive.)
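The public-key-only pattern from the answer above, as an added example that is not part of the original post: the form is serialised and piped straight into `gpg` on a server whose keyring holds only the recipient's public key, and the armored blob is spooled locally so a copy survives if the emailed one is lost. It assumes the `gpg` binary is installed, and the recipient user-id and spool directory are placeholders.

```python
"""Encrypt a web-form submission to a GPG public key held on the server.

Assumes the server keyring contains ONLY the recipient's public key
(e.g. imported once with `gpg --import ops-pubkey.asc`); the private key
lives elsewhere, so nothing on this host can decrypt what it produces.
"""
import json
import subprocess
import uuid
from pathlib import Path
from typing import Mapping

RECIPIENT = "ops-inbox@example.com"  # placeholder key user-id, substitute your own


def serialise_submission(form: Mapping[str, str]) -> bytes:
    """Canonical JSON (sorted keys, no whitespace, UTF-8) so a decrypted copy
    can be compared byte-for-byte with the spooled original later."""
    return json.dumps(dict(form), sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")


def gpg_encrypt_argv(recipient: str) -> list[str]:
    """gpg command line: --batch/--yes avoid prompts on a headless host,
    --trust-model always accepts the single key we imported without a
    web-of-trust check, --armor gives ASCII that survives email transport."""
    return ["gpg", "--batch", "--yes", "--quiet", "--trust-model", "always",
            "--armor", "--encrypt", "--recipient", recipient]


def encrypt_submission(form: Mapping[str, str], recipient: str = RECIPIENT) -> bytes:
    """Serialise and encrypt immediately; the plaintext is only ever in memory
    and on gpg's stdin, never written to disk."""
    plaintext = serialise_submission(form)
    proc = subprocess.run(gpg_encrypt_argv(recipient), input=plaintext,
                          capture_output=True, check=True)
    return proc.stdout  # ASCII-armored PGP MESSAGE block


def store_and_queue(form: Mapping[str, str], spool_dir: Path,
                    recipient: str = RECIPIENT) -> Path:
    """Write the blob to a local spool; the mailer reads from here, and the
    local encrypted copy remains if the emailed copy never arrives."""
    blob = encrypt_submission(form, recipient)
    spool_dir.mkdir(parents=True, exist_ok=True)
    out = spool_dir / f"{uuid.uuid4()}.asc"
    out.write_bytes(blob)
    return out


if __name__ == "__main__":
    # Constructed sample submission; path is a placeholder spool location.
    sample = {"name": "A. Person", "passport_no": "X1234567", "dob": "1980-01-01"}
    print(store_and_queue(sample, Path("/var/spool/form-submissions")))
```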
Define sensitive user data, and how do you want to store it? In a file or in a database? AES-256 is pretty good for encryption, but you also need to handle decryption somehow, and you don't really want to store passphrases on a server. Passphrases can be encrypted using PGP if you want multiple users to have access to the passphrase. When it comes to password hashing (not encryption), then go with bcrypt or scrypt.

But please define sensitive data in more detail. Are we talking about passwords, messages, or photos of passports, etc.?