Think of an API key as being an application. If it is the API key that is tied to your account (you got it from https://trello.com/app-key), then you are the admin of the application. You prompt users via the authorization flow to grant access to their accounts to your application. This generates a token that can be used to access the user’s account. As an application admin, you will have a single API key that has been used to generate many tokens. Each token belongs to a single user (of which, one could be your own personal user!).
In the case of creating a webhook, you can think of the webhook as belonging to your API key. But the token is used to determine whether the user you’re creating the webhook on behalf of has access to the object that you’re wanting to “watch.”
So if you are creating a webhook for a board that your personal user already has read access to, then yes, you’ll use your own user’s token and your API key.