UI Personalization allows you to show/hide particular section of admin interface.
Permission is for security purposes. User might be allowed to see some UI elements, but won't be able to browse it if he has no permission.
So basically you need to configure both.
There are some pages in the admin interface, those are allowed only for administrator or even global admins, e.g. Email Queue. This is implemented in code behind (*.cs file for particular page/control), so you can't change it through Kentico interface.