As usual, with best practices, it depends on your situation. Putting dlls in the GAC means they have to be strong, and you get full trust. This makes it pleasant and easy to deploy, but there will be no code security check (CAS) code at all, it will be completely trusted. The assembly in the GAC can also be reused on other sites on the server without the need to deploy multiple copies.
Deploying to bin means you need to understand the CAS requirements for your website, and if you need to do something that is not allowed at the trust level set in web.config, you need to either increase the trust level to full trust (not recommended) or create a custom trust level with the appropriate configuration. More information about this can be found here: http://msdn.microsoft.com/en-us/library/cc768613.aspx
Back to the question, for intranet sites where there is no external access to the site and the data that the web part works with is not sensitive (for example, salary), I would deploy it to the GAC to keep things simple.
For an application that will be accessible from the Internet, or an internal application that processes sensitive data, I usually go with the deployment of bin for security reasons.