diff --git a/docs/en/04_Changelogs/3.3.0.md b/docs/en/04_Changelogs/3.3.0.md
new file mode 100644
index 000000000..0ca0169e6
--- /dev/null
+++ b/docs/en/04_Changelogs/3.3.0.md
@@ -0,0 +1,22 @@
+# 3.3.0
+
+## Upgrading notes
+
+### New permission model for Versioned DataObjects
+
+When adding the `Versioned` extension to dataobjects, typically it's necessary to explicitly declare
+permissions on these objects in order to prevent un-published content surfacing to unauthenticated users.
+
+In order to better support this, versioned by default will now deny canView permissions on objects
+that are not published.
+
+For more information on how to customise the permission model for versioned dataobjects then please
+refer to the [versioned extension documentation](../developer_guides/model/versioned).
+
+### Block ?stage=Stage for unauthenticated users
+
+By default users must now be logged in with CMS access permissions in order to change the viewing
+mode of the site frontend using the `?stage` querystring parameter.
+
+This permission can be customised by altering the `Versioned.non_live_permissions`
+config by assigning a different set of permissions.