My first thought was too, that it must be different from hard drives.
My initial idea would be to encrypt everything. Luckily since Honeycomb, Android supports this out of the box(but it's not hardware based) So even if data can be restored, it'd be nonsense(if the manufactorer implemented it correctly). You could choose a strong password, because you won't need to remember it anyway since you wipe the phone afterwards.
I found this article that agrees with me
Then there is this article on lifehacker: lifehacker.com/5808280/what-should-i-do-with-my-phone-before-i-sell-it
Alternatively, there's the ultimate security tool if you're worried about someone pulling data from your phone: don't sell it.
A little off topic: Another solution would be to just store sensitive data on a SD card and remove it before selling. Plus you could use tools like EDS(Lite) to store sensitive data in container. Sync them via a cloud service and open them on your computer with TrueCrypt.