Up to this point, we have looked at what you as a programmer can do to ensure your program does not compromise user data -- whether by accident or by malevolence. These are the things you can control. Now, we begin to look at aspects of your program's runtime environment that you cannot control but about which you should be concerned.
With the exception of cookies, there is very little that a Python-based web application can do on the client's harddrive. Therefore, storage largely becomes a matter of securing the harddrive of the server -- a job for your network manager.
That being said, you can use a built-in cryptographic function to ensure the security of the stored data. Take care in using this, however. If you do not compile your program, the Python source code will be plainly readable.